
Entitlements Overview (1.0)

The Entitlements Engine is powered by the isEntitledTo query and is designed to manage and control user access within your application. It enables you to grant users specific roles, permissions, feature access, and more, providing a flexible framework for access management.

Below is an overview of API endpoints relevant to managing features, plans, feature flags, and API access control within your application. All endpoints are classified as Management Endpoints, requiring environment-level authorization and offering comprehensive control over entitlement resources.

Servers
EU Region
https://api.frontegg.com/entitlements/
US Region
https://api.us.frontegg.com/entitlements/
CA Region
https://api.ca.frontegg.com/entitlements/
AU Region
https://api.au.frontegg.com/entitlements/
Frontegg sub-domain for use with user tokens
https://{domain}.frontegg.com/entitlements/

ReBAC


Delete Entity Type Relation

Request

Remove a relation definition from an entity type.

Security: bearer
curl -i -X DELETE \
  'https://api.frontegg.com/entitlements/resources/entity-types/v1/{key}/relations/{relationKey}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Get Relation Assignments

Request

List all instance-level relationship assignments.

Security: bearer

Query parameters
offset: integer. Default: 0
limit: integer. Default: 10. Example: limit=10
curl -i -X GET \
  https://api.frontegg.com/entitlements/resources/relations/v1/assignments \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Body (application/json)
items: Array of objects (RelationAssignmentDto), read-only, required
items[].subjectEntityTypeKey: string, read-only, required. Example: "user"
items[].subjectKey: string, read-only, required. Example: "anthony@email-of.his"
items[].relationKey: string, read-only, required. Example: "reader"
items[].targetEntityTypeKey: string, read-only, required. Example: "document"
items[].targetKey: string, read-only, required. Example: "document-1.doc"
items[].activeFrom: string. Example: "2024-01-01T00:00:00Z"
items[].activeUntil: string. Example: "2024-12-31T23:59:59Z"
hasNext: boolean, read-only, required. Example: false

Response (application/json)
{ "items": [ { … } ], "hasNext": false }
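
An added example (not Frontegg's code) of walking the paginated assignment list and checking each assignment's activeFrom/activeUntil window, as you might during an access review. The `fetch_page` callable, the sample records, and the reading of `offset` as an item count are assumptions; only the field names come from the schema above.

```python
from datetime import datetime, timezone

def parse_ts(value):
    # activeFrom/activeUntil are ISO-8601 strings with a trailing 'Z'
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def iter_assignments(fetch_page, limit=10):
    """Yield every assignment, paging with offset/limit until hasNext is false.
    fetch_page(offset, limit) is a hypothetical callable returning the parsed
    JSON body of the Get Relation Assignments endpoint."""
    offset = 0
    while True:
        page = fetch_page(offset, limit)
        yield from page["items"]
        if not page["hasNext"] or not page["items"]:
            return
        offset += len(page["items"])  # assumption: offset counts items, not pages

def audit(assignments, now):
    """Group assignments by the state of their activeFrom/activeUntil window."""
    findings = {"expired": [], "unbounded": [], "not_yet_active": []}
    for a in assignments:
        label = ("{subjectEntityTypeKey}:{subjectKey} {relationKey} "
                 "{targetEntityTypeKey}:{targetKey}").format(**a)
        start, until = a.get("activeFrom"), a.get("activeUntil")
        if until is None:
            findings["unbounded"].append(label)       # no end date set
        elif parse_ts(until) < now:
            findings["expired"].append(label)         # window already closed
        if start is not None and parse_ts(start) > now:
            findings["not_yet_active"].append(label)  # window not open yet
    return findings

# Constructed sample records; the first reuses the example values from the schema.
_BASE = {"subjectEntityTypeKey": "user", "targetEntityTypeKey": "document"}
SAMPLE = [
    {**_BASE, "subjectKey": "anthony@email-of.his", "relationKey": "reader",
     "targetKey": "document-1.doc", "activeFrom": "2024-01-01T00:00:00Z",
     "activeUntil": "2024-12-31T23:59:59Z"},
    {**_BASE, "subjectKey": "user-b@example.com", "relationKey": "editor",
     "targetKey": "document-2.doc"},
    {**_BASE, "subjectKey": "user-c@example.com", "relationKey": "reader",
     "targetKey": "document-3.doc", "activeFrom": "2026-01-01T00:00:00Z",
     "activeUntil": "2026-12-31T23:59:59Z"},
]

def fake_fetch(offset, limit):
    # Offline stand-in for the HTTP call: serves SAMPLE one page at a time
    items = SAMPLE[offset:offset + limit]
    return {"items": items, "hasNext": offset + limit < len(SAMPLE)}
```

Pass `audit` a timezone-aware `now`, since the parsed timestamps carry a UTC offset.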

Create Relation Assignments

Request

Create relation assignments (instance-level relationships). E.g., "User A is a reader of Document 1".

Security: bearer

Body (application/json, required)
assignments: Array of objects (RelationAssignmentRequestDto), required
assignments[].subjectEntityTypeKey: string, required. Example: "user"
assignments[].subjectKey: string, required. Example: "anthony@email-of.his"
assignments[].relationKey: string, required. Example: "reader"
assignments[].targetEntityTypeKey: string, required. Example: "document"
assignments[].targetKey: string, required. Example: "document-1.doc"
assignments[].activeFrom: string. Example: "2024-01-01T00:00:00Z"
assignments[].activeUntil: string. Example: "2024-12-31T23:59:59Z"

curl -i -X POST \
  https://api.frontegg.com/entitlements/resources/relations/v1/assign \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "assignments": [
      {
        "subjectEntityTypeKey": "user",
        "subjectKey": "anthony@email-of.his",
        "relationKey": "reader",
        "targetEntityTypeKey": "document",
        "targetKey": "document-1.doc",
        "activeFrom": "2024-01-01T00:00:00Z",
        "activeUntil": "2024-12-31T23:59:59Z"
      }
    ]
  }'

Responses

Body (application/json): Array of objects, each with:
subjectEntityTypeKey: string, read-only, required. Example: "user"
subjectKey: string, read-only, required. Example: "anthony@email-of.his"
relationKey: string, read-only, required. Example: "reader"
targetEntityTypeKey: string, read-only, required. Example: "document"
targetKey: string, read-only, required. Example: "document-1.doc"
activeFrom: string. Example: "2024-01-01T00:00:00Z"
activeUntil: string. Example: "2024-12-31T23:59:59Z"

Response (application/json)
[ { "subjectEntityTypeKey": "user", "subjectKey": "anthony@email-of.his", "relationKey": "reader", "targetEntityTypeKey": "document", "targetKey": "document-1.doc", "activeFrom": "2024-01-01T00:00:00Z", "activeUntil": "2024-12-31T23:59:59Z" } ]
