https://www.ory.sh/ logo
#talk-keto
Title
# talk-keto
e

eager-cat-38423

01/26/2022, 9:15 PM
Hi! I'm new to authz and I am investigating keto for our use-case. We need to establish multi-tenancy so that our business partners don't have access to each others' datasets. However, some datasets are available to the public. Is there a way to express that the public can read from certain datasets? (Without adding each member of the public to the "public" group.)
Copy code
bucket:free_data#viewer@(group:public#member)
For now, I'm using the
*
user -- like in the quickstart -- and doing two checks: one with a UUID associated with their email address and another with
*
and ORing the results. Seems a bit awkward? Is that the idiomatic usage?
s

steep-lamp-91158

01/27/2022, 8:51 AM
The
*
user and ORing two checks is a valid workaround until https://github.com/ory/keto/issues/263 is implemented.
Regarding multi-tenancy, have a look at https://www.ory.sh/kratos/docs/guides/multi-tenancy-multitenant/ The same applies to Keto 😉
Alternatively, we are currently working on adding Keto to Ory Cloud. There you can configure one for each customer, also over automation. If you are interested in that, @User can give you some details
👀 1