Authorization & Permissions | ShipSaaS Documentation | ShipSaaS

Authorization controls what authenticated users can access in your application. The boilerplate includes a comprehensive role-based access control (RBAC) system with hierarchical permissions.

Perfect for: Multi-role applications, admin panels, permission-based features, and enterprise security requirements.

Authentication vs Authorization

"Who are you?"

Login with email/password
Verify user identity
Create secure session
Handled by Better Auth

Result: User is logged in or not

Key concept: Authentication gets you in the door. Authorization decides which rooms you can enter.

Authorization Topics

👑

Roles & Hierarchy

User roles from GUEST to SUPER_ADMIN with inheritance system

🛡️

Route Protection

Protect pages with withAuth HOC and middleware

🔒

API Protection

Secure API routes with role and permission checks

⚖️

CASL Permissions

Fine-grained permissions with CASL integration

Complete security system! Your SaaS application has enterprise-grade authorization protecting every resource based on user roles and permissions.