# talk-keto
m
Hello All, I have a use case for my application where I have multiple roles and multiple features, and each role has different access on a feature. Is there a good way to implement it in Keto, which in turn can give me a result that a user with a specific role has access over a feature?
```go
features := []string{"f1","f2"}
roles := []string{"r1","r2"}
```

| features / roles | r1 | r2 |
|---|---|---|
| f1 | {"view","delete"} | {"delete","edit"} |
| f2 | {"view"} | {"delete"} |

```go
features_role_rights_array := [][][]string{{{"view","delete"},{"delete","edit"}},{{"view"},{"delete"}}}
```
Now say a user with id user-1 has a role r2; I want to see what access he has over a feature. Is there any way to get this information by implementing it using Keto? I have tried this kind of configuration:
```
features:f1#view@(roles:r1#member)
features:f1#delete@(roles:r1#member)

features:f1#delete@(roles:r2#member)
features:f1#edit@(roles:r2#member)

features:f2#view@(roles:r1#member)
features:f2#delete@(roles:r2#member)

roles:r2#member@user-1
```
Now in order to get my query I am not able to get the details of accesses user-1 has. Is there any way to get this information?
m
Did you see our RBAC guide? It uses a few workarounds but could be a good resource for your problem: https://www.ory.sh/docs/keto/guides/rbac Otherwise could you provide some commands for me to reproduce your setup and also include the command that is not working for you - ideally as cURL - that would help a lot to speed this up 🙂 I assume you want to use Check API to get the details of user-1?
m
Actually I have gone through the RBAC guide, but my use case is to get all the access user-1 has. I want to see an output like: user - access list {"delete","edit"}. Now if I add the user in roles:r1#member@user-1 as well, I should get the result as user - access list {"view","delete","edit"}. I have tried the get relation-tuples API with the details, but I am not able to get this kind of a result.
You can run this shell script for setting up the roles in the service:
```bash
#!/bin/bash
set -euo pipefail

export KETO_WRITE_REMOTE="127.0.0.1:4467"

echo '

features:f1#view@(roles:r1#member)
features:f1#delete@(roles:r1#member)

features:f1#delete@(roles:r2#member)
features:f1#edit@(roles:r2#member)

features:f2#view@(roles:r1#member)
features:f2#delete@(roles:r2#member)

roles:r2#member@user-1

' | \
  keto relation-tuple parse - --format json | \
    keto relation-tuple create - >/dev/null \
    && echo "Successfully created tuples" \
    || echo "Encountered error"
```
The list of namespaces is: 1. features 2. roles. I am able to get the result in the check API, i.e. if user-1 has access to delete feature f1:
```bash
curl --location --request POST 'localhost:4466/relation-tuples/check' \
--header 'Content-Type: application/json' \
--data-raw '{
    "namespace": "features",
    "object": "f1",
    "relation": "delete",
    "subject_id": "user-1"
}'
```
This curl is giving me true as response but I want all the relations user-1 has in features namespace.
```bash
curl --location --request GET 'localhost:4466/relation-tuples?namespace=features&object=f1&subject-id=user-1'
```
Like this api should give me the relations for user-1 with object f1 in namespace features.