# Is entitled to permission

Check whether a specific user is entitled to access a requested permission based on their role assignments and account (tenant) configuration.

Endpoint: POST /v1/data/e10s/permissions/is_entitled_to_input_permission

## Request fields (application/json):

  - `input` (object)

  - `input.subjectContext` (object)

  - `input.subjectContext.userId` (string)
    Example: "6c2ce177-66cd-4163-a012-b7833255a490"

  - `input.subjectContext.tenantId` (string, required)
    Example: "f21ca66c-d23b-496f-b805-121ed37eb46a"

  - `input.subjectContext.permissions` (array)
    Example: ["example.permission.read","example.permission.write"]

  - `input.subjectContext.attributes` (object)
    Example: {"exampleAttribute":"example-value"}

  - `input.requestContext` (object)

  - `input.requestContext.permissionKey` (string, required)
    Example: "example.permission.read"

## Response 200 fields (application/json):

  - `decision_id` (string, required)
    Example: "df5dae62-be02-4333-bbe1-f7220e13c6c3"

  - `metrics` (object, required)

  - `result` (object, required)

  - `result.justification` (string)
    Enum: "MISSING_FEATURE", "MISSING_PERMISSION", "PLAN_EXPIRED", "MISSING_ROUTE", "ROUTE_DENIED"

  - `result.monitoring` (boolean)