Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

hey team... we're reviewing using Cerbos in a multitenant ROR app. it has system-defined roles (eg. users can do X, admins can do X+Y), but down the line we'll need to support admins creating other policies (eg. guests can do some of X and have read access to specific records). How can these dynamic policies be achieved with Cerbos without hardcoding them into a yml file? Thanks

nevermind, just found out about the admin API that allows uploading of user-generated policies

Admin API is the way! We wrote a blog post on this topic too, which you might find useful. It demonstrates an alternative approach, as well as the admin API:  <https://cerbos.dev/blog/supercharging-your-policy-rules-with-self-service-custom-roles|https://cerbos.dev/blog/supercharging-your-policy-rules-with-self-service-custom-roles>