https://www.ory.sh/
Join Slack
Hi! I'm trying to get into the Keto permissions on Ory Network and I'm struggling a bit. I tried fol...
# talk-keto
a
Hi! I'm trying to get into the Keto permissions on Ory Network and I'm struggling a bit. I tried following the example in https://www.ory.sh/docs/guides/permissions/overview. Running
Copy code
ory is allowed User:Patrik view File keto/src/main.go
works as expected, returning 
Allowed
. Now I'm trying to get the same result using the REST API (from https://www.ory.sh/docs/keto/reference/rest-api#tag/permission/operation/postCheckPermissionOrError) like
Copy code
curl "https://${ORY_PROJECT_SLUG}.<http://projects.oryapis.com/relation-tuples/check|projects.oryapis.com/relation-tuples/check>" -d '{"relation": "view", "subject_id": "User:Patrik", "namespace": "File", "object": "keto/src/main.go"}' -H "Authorization: Bearer ${ORY_SECRET}" -H "Content-Type: application/json"
I get 
{ "allowed": false }
. Am I mixing something up?
I managed to get it working, the correct query is:
Copy code
curl "https://${ORY_PROJECT_SLUG}.<http://projects.oryapis.com/relation-tuples/check?relation=view&namespace=Folder&object=keto/&subject_set.namespace=User&subject_set.object=Patrik&subject_set.relation=|projects.oryapis.com/relation-tuples/check?relation=view&namespace=Folder&object=keto/&subject_set.namespace=User&subject_set.object=Patrik&subject_set.relation=>" -H "Authorization: Bearer ${ORY_SECRET}"  -v | jq
3 Views
Open in Slack
PreviousNext
Powered by

Ory Community

Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Powered by