/
Contact usSee pricingStart building
    Overview
    iOS SDK reference
    Android SDK reference

    React Native SDK reference

    Installation
    Changelog
    Organizations
      Get Organization
      Get Organization by Slug
      Update Organization
      Delete Organization
    Members
      Get Member
      Create Member
      Update Member
      Search Members
      Delete Member
      Reactivate Member
      Delete Member Password
      Delete Member MFA Phone Number
      Delete Member MFA TOTP
      Unlink Retired Member Email
      Update Self
      Delete Self Password
      Delete Self MFA Phone Number
      Delete Self MFA TOTP
      Unlink Retired Self Email
      Update Member (Deprecated)
      Delete Member MFA Phone Number (Deprecated)
    RBAC
      Is Authorized
      Permissions
    Email Magic Links
      Login or Signup
      Invite
      Authenticate
      Send Discovery Email
      Authenticate Discovery Magic Link
    Session Management
      Get Session
      Authenticate Session
      Revoke Session
      Exchange Session
      Get Tokens
      Revoke Sessions for Member
    SSO
      Start SSO Flow
      Authenticate
      Get SSO Connections
      Delete SSO Connection
      Create SAML Connection
      Update SAML Connection
      Update SAML Connection by Metadata URL
      Delete Verification Certificate
      Create OIDC Connection
      Update OIDC Connection
      Create External Connection
      Update External Connection
    Discovery
      List Discovered Organizations
      Create Organization via Discovery
      Exchange Intermediate Session
    Passwords
      Authenticate
      Reset by Email Start
      Reset by Email
      Reset by Existing Password
      Reset by Session
      Strength Check
    SCIM
      Create SCIM Connection
      Update SCIM Connection
      Delete SCIM Connection
      Get SCIM Connection
      Rotate SCIM Token Start
      Rotate SCIM Token Complete
      Rotate SCIM Token Cancel
    Multi-factor Authentication

    • One-Time Passcodes

        • SMS Send
        SMS Authenticate

    • Time-Based One-Time Passcodes

        • TOTP Create
        TOTP Authenticate

    • Recovery Codes

        • Recovery Codes Recover
        Rotate Recovery Codes
        Get Recovery Codes
    Pre-built UI
      UI Configuration
    More Resources
      SWR & caching
      Deep linking
      Android KeyStore considerations
Get support on SlackVisit our developer forum

Contact us

B2B Saas Authentication

/

Mobile SDKs

/

React Native SDK reference

/

RBAC

/

Is Authorized

isAuthorized

The SDK provides two methods for getting an authorization verdict on a Resource-action pair (that is, whether the logged-in Member is authorized to perform the specified action on the specified Resource).

The isAuthorizedSync method will use locally-cached instances of the Member and the configured RBAC policy. If the RBAC policy has not been loaded, this method will always return false. The SWR caching strategy is detailed here.

The isAuthorized method determines whether the logged-in member is allowed to perform the specified action on the specified resource. It will return a Promise that resolves after the RBAC policy has been loaded. Returns true if the member can perform the action, false otherwise.

If the member is not logged in, this method will always return false. If the resource or action provided are not valid for the configured RBAC policy, this method will return false.

As a best practice, authorization checks for sensitive actions should also occur on the backend.

import { useStytchB2BClient } from '@stytch/react-native/b2b';
import React from 'react';
import { Text, TouchableOpacity, View } from 'react-native';

export const EditDocuments = () => {
  const stytch = useStytchB2BClient();
  const isAuthorized = stytch.rbac.isAuthorizedSync('documents', 'edit');

  const editDocument = () => {
    //...
  };

  return (
    <View>
      <TouchableOpacity disabled={!isAuthorized} onPress={editDocument}>
        <Text>Edit</Text>
      </TouchableOpacity>
    </View>
  );
};
RESPONSE
200
​
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141"
    "is_authorized": true,
}