B2B Saas Authentication

/

Mobile SDKs

/

React Native SDK reference

/

RBAC

/

Permissions

Permissions

The allPermissions method returns the complete list of permissions assigned to the currently logged-in Member. If the Member is not logged in, all values will be false.

As a best practice, authorization checks for sensitive actions should also occur on the backend.

import { useStytchB2BClient } from '@stytch/react-native/b2b';
import React, { useEffect, useState } from 'react';
import { Text, TouchableOpacity, View } from 'react-native';

export const MyComponent = () => {
  const [allPermissions, setAllPermissions] = useState();

  const stytch = useStytchB2BClient();

  useEffect(() => {
    stytch.rbac
      .allPermissions()
      .then((response) => setAllPermissions(response));
  }, [stytch]);

  if (!allPermissions) {
    return <Text>Loading...</Text>;
  }

  const canEditDocuments = allPermissions['document']['edit'];
  const canEditOrgName =
    allPermissions['stytch.organization']['update.info.name'];

  const editDocument = () => {
    /* ... */
  };

  const updateOrgName = () => {
    /* ... */
  };

  return (
    <View>
      <TouchableOpacity disabled={!canEditDocuments} onPress={editDocument}>
        <Text>Edit Document</Text>
      </TouchableOpacity>
      <TouchableOpacity disabled={!canEditOrgName} onPress={updateOrgName}>
        <Text>Update Organization Name</Text>
      </TouchableOpacity>
    </View>
  );
};

RESPONSE

200
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141"
    "stytch_permissions": {
      "documents": {
        "edit": false,
        "read": true,
      },
      "images": {
        "create": false,
        "view": true,
      },
    },
}