Security Definitions
Create and manage reusable security policy templates
Security definitions are reusable policy templates that describe what security rules to apply to a connection. Each definition can include any combination of:
- Connection-level security (CLS) -- route users to different databases or file paths
- Schema-level security (SLS) -- restrict which schemas a user can query
- Row-level security (RLS) -- inject WHERE-clause filters so users only see authorized rows
Once created, a definition can be assigned to one or more actors (tenants, tenant users, or organization users) with concrete parameter values.
Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | List definitions | List all definitions in a project |
| POST | Create a definition | Create a new definition for a connection |
| GET | Get a definition | Retrieve a single definition |
| PATCH | Update a definition | Update a definition's name or configuration |
| DELETE | Delete a definition | Delete a definition (must have no assignments) |