# Entitlements Overview The Entitlements Engine is powered by the `isEntitledTo` query and is designed to manage and control user access within your application. It enables you to grant users specific roles, permissions, feature access, and more, providing a flexible framework for access management. Below is an overview of API endpoints relevant to managing features, plans, feature flags, and API access control within your application. All endpoints are classified as **Management Endpoints**, requiring environment-level authorization and offering comprehensive control over entitlement resources. ## Servers EU Region ``` https://api.frontegg.com/entitlements ``` US Region ``` https://api.us.frontegg.com/entitlements ``` CA Region ``` https://api.ca.frontegg.com/entitlements ``` AU Region ``` https://api.au.frontegg.com/entitlements ``` Frontegg sub-domain for use with user tokens ``` https://{domain}.frontegg.com/entitlements ``` Variables: - `domain` Default: "app-xxx" ## Security ### bearer Type: http Scheme: bearer Bearer Format: JWT ## Download OpenAPI description [Entitlements Overview](https://developers.frontegg.com/_bundle/ciam/api/entitlements.yaml) ## Features ### Get Feature Flags - [GET /resources/features/v1](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv1_getfeatures.md): Retrieve a paginated list of features with filtering, search, and sorting capabilities. Filter by feature IDs, keys, permission keys, or feature flag association. Search by name and sort by name, key, or creation date. ### Create feature - [POST /resources/features/v1](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv1_createfeature.md): Create a new feature with a unique name and key, optional description, and associated permissions. ### Update feature - [PATCH /resources/features/v1/{featureId}](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv1_updatefeature.md): Update an existing feature's name, key, description, or associated permissions. ### Delete feature - [DELETE /resources/features/v1/{featureId}](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv1_deletefeature.md): Delete an existing feature by its unique identifier. ### Create feature - [POST /resources/features/v2](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv2_create.md): Create a new feature with a unique name and key, optional description, associated permissions, and custom metadata. ### Update feature - [PATCH /resources/features/v2/{featureId}](https://developers.frontegg.com/ciam/api/entitlements/features/featurescontrollerv2_update.md): Update an existing feature's name, key, description, associated permissions, or custom metadata. ## Plans ### Get account (tenant) plans - [GET /resources/plans/v1/tenant/{tenantId}](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_gettenantplans.md): Retrieve a paginated list of plans for a specific account (tenant) with filtering, search, and sorting capabilities. Search by name, sort by name or creation date, and optionally exclude non-entitled plans. ### Get plans - [GET /resources/plans/v1](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_getplans.md): Retrieve a paginated list of plans with filtering, search, and sorting capabilities. Search by name, sort by name or creation date, and filter by feature IDs, user IDs, or account (tenant) IDs. ### Create plan - [POST /resources/plans/v1](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_createplan.md): Create a new plan with features, rules, default treatment, and optional auto-assignment settings. ### Get single plan - [GET /resources/plans/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_getsingleplan.md): Retrieve a single plan by its unique identifier, including linked features and entitlements. ### Update plan - [PATCH /resources/plans/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_updateplan.md): Update an existing plan's name, features, rules, default treatment, or auto-assignment settings. ### Delete plan - [DELETE /resources/plans/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_deleteplan.md): Delete an existing plan by its unique identifier. ### Get plan features - [GET /resources/plans/v1/{id}/features](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_getplanfeatures.md): Retrieve a paginated list of plan features, with the abillity to search and order (by date (createdAt) or expiration date (expirationDate)). ### Link features to plan - [PATCH /resources/plans/v1/{id}/features/link](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_linkfeaturestoplan.md): Link multiple features to an existing plan by their feature IDs. ### Unlink features from plan - [PATCH /resources/plans/v1/{id}/features/unlink](https://developers.frontegg.com/ciam/api/entitlements/plans/planscontrollerv1_unlinkfeaturesfromplan.md): Unlink multiple features from an existing plan by their feature IDs. ## Entitlements ### Get entitlements - [GET /resources/entitlements/v2](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_getentitlements.md): Retrieve a paginated list of entitlements with sorting and filtering capabilities. Sort by expiration date (expirationDate) or creation date (createdAt), filter by plan IDs (planId, planIds), assign level (assignLevel) for user or account, user IDs (userIds), or account (tenant) IDs (tenantIds), and optionally include related entities (withRelations). ### Create entitlement - [POST /resources/entitlements/v2](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_createentitlement.md): Create a new entitlement by associating a plan with an account (tenant) and optionally a specific user, with configurable expiration settings. ### Batch create entitlements - [POST /resources/entitlements/v2/batch](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_createbatchentitlements.md): Create multiple entitlements in a single batch operation, efficiently associating plans with accounts (tenants) and optionally specific users. ### Batch update entitlements - [PATCH /resources/entitlements/v2/batch](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_updatebatchentitlements.md): Update multiple existing entitlements in a single batch operation, allowing efficient modification of expiration dates and other entitlement properties. ### Batch delete entitlements - [DELETE /resources/entitlements/v2/batch](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_deletebatchentitlements.md): Delete multiple entitlements in a single batch operation by providing an array of entitlement IDs, enabling efficient bulk removal of entitlements. ### Get single entitlement - [GET /resources/entitlements/v2/{id}](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_getsingleentitlement.md): Retrieve detailed information for a specific entitlement by its unique ID, including associated plan details and metadata. ### Update entitlement - [PATCH /resources/entitlements/v2/{id}](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_updateentitlement.md): Update an existing entitlement's properties, such as expiration date, by providing the entitlement ID and the fields to modify. ### Delete entitlement - [DELETE /resources/entitlements/v2/{id}](https://developers.frontegg.com/ciam/api/entitlements/entitlements/entitlementscontrollerv2_deleteentitlement.md): Delete a specific entitlement by its unique ID, permanently removing the entitlement and its associated permissions. ## Feature Flags ### Get feature flags - [GET /resources/feature-flags/v1](https://developers.frontegg.com/ciam/api/entitlements/feature-flags/featureflagscontrollerv1_getfeatureflags.md): Retrieve a paginated list of feature flags with search, filtering, and sorting capabilities by name or creation date (createdAt or name fields). ### Create feature flag - [POST /resources/feature-flags/v1](https://developers.frontegg.com/ciam/api/entitlements/feature-flags/featureflagscontrollerv1_createfeatureflag.md): Create a new feature flag with configurable on/off states, default treatments, targeting rules, and custom metadata for controlled feature rollouts. ### Get single feature flag - [GET /resources/feature-flags/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/feature-flags/featureflagscontrollerv1_getsinglefeatureflag.md): Retrieve detailed information for a specific feature flag by its unique ID, including configuration, rules, and associated feature details. ### Update feature flag - [PATCH /resources/feature-flags/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/feature-flags/featureflagscontrollerv1_updatefeatureflag.md): Update an existing feature flag's configuration, including its on/off state, treatments, targeting rules, and metadata. ### Delete feature flag - [DELETE /resources/feature-flags/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/feature-flags/featureflagscontrollerv1_deletefeatureflag.md): Delete a specific feature flag by its unique ID, permanently removing the feature flag and its associated configuration. ## API Access Control ### Get routes - [GET /resources/routes/v1](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_getmany.md): Retrieve all configured routes with their HTTP methods, paths, policies, and associated rules for access control and feature gating. ### Create route - [POST /resources/routes/v1](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_create.md): Create a new route configuration with HTTP method, path, and policy type (allow, deny, or ruleBased) for access control management. ### Get single route - [GET /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_getsingle.md): Retrieve detailed information for a specific route by its unique ID, including method, path, policy type, and associated rules. ### Delete route - [DELETE /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_delete.md): Delete a specific route by its unique ID, permanently removing the route configuration and its associated access control rules. ### Update route - [PATCH /resources/routes/v1/{id}](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_update.md): Update an existing route's configuration, including HTTP method, path, policy type, and description for access control management. ### Import open API - [POST /resources/routes/v1/import-open-api](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_importopenapi.md): Import route configurations from an OpenAPI specification in JSON format, automatically creating routes based on the API definition. ### Create or replace route rules - [PUT /resources/routes/v1/{id}/rules](https://developers.frontegg.com/ciam/api/entitlements/api-access-control/routescontrollerv1_replacerules.md): Create or replace route rules for a specific route, defining access control through feature flags or permission-based restrictions that determine user authorization.