Hello my dear Ory'ers! I want to check permissions from the front end (you know, in order to display the gui properly), is that currently supported? Obviously, I won't have an access token, which as far as I can tell is the only way to auth against relation-tuples/check(/openapi), but is there a way to check permissions using the current users active session? You know, like the /sessions/whoami endpoint supports?

We don’t have a public endpoint for permission checking (yet?). I think the best approach is to have a lightweight service in your side that verifies the user (whoami), performs the Permissions check, and returns a useful response.

Yeah, I catch your drift. I do think it makes sense though, kinda. It does feel nicer to avoid the extra hop when doing these kinds of light-weight lookups, ie: (client) -> (ory network) rather than (client) -> (our backend) -> (ory network)

It might make sense to use some sort of cloud function or edge service as we’re working to get Permission checks globally served - then the request could avoid some hops maybe

Yeah, that's not a bad idea