What levels of access control does Anythink provide?

Anythink provides three levels: entity-level (public/private flag per entity), role-based (custom roles with entity-scoped permissions), and row-level security (RLS, enabled per entity to restrict users to their own data).

How does row-level security work?

When RLS is enabled on an entity, users can only access records they own or are permitted to see based on their role. This is enforced at the database level, ensuring data isolation even if application logic has bugs.

Can I create custom roles with specific permissions?

Yes. You can create unlimited custom roles, each with description, active/inactive status, and API access flag. Permissions are entity-scoped and assigned to roles. Each user gets one role that determines their access.

Access Control

Control Who Sees What,Precisely

Granular permission control down to individual fields and records. Create custom roles, manage team access, and ensure data security without complexity.

Try Free Learn More

Live demo

Security That Scales

From simple permissions to enterprise-grade security, control exactly who can access what in your applications

Granular Permission Control

Control access down to individual fields and records. Set permissions on specific data columns, restrict row access based on user attributes, and create complex access rules without writing security code

Custom Role Management

Create unlimited custom roles with specific permission sets. From basic user access to complex departmental hierarchies, design roles that match your business structure exactly.

Row-Level Security (RLS)

Users only see data they're allowed to access. Perfect for multi-tenant applications, client portals, and scenarios where data isolation is critical for business or compliance reasons.

Field-Level Visibility

Hide sensitive fields from specific user types whilst keeping the rest of the record accessible. Salary information for HR only, customer details for sales team, perfect granular control.

API Permission Integration

All access controls automatically apply to your APIs. No separate security layer to build - permissions set in the interface automatically protect all API endpoints and data access.

User Relationship Integration

Link users directly to business data for automatic ownership and access controls. Orders belong to customers, projects belong to team members - natural security that follows your business logic

Granular Permission Control

01 / 06

In Practice

Permissions that match how your product actually works

roles.ts

await client.roles.create({
  name: 'editor',
  permissions: [
    { entity: 'articles', actions: ['read', 'create', 'update'] },
    { entity: 'media',    actions: ['read', 'create'] },
    // No delete — admins only
  ]
})

What you can build

Multi-team SaaS with workspace isolation

Users see only their organisation's data. Admins see everything. Super admins manage across organisations. Row-level security enforces all of this at the database layer — you configure it once, it works everywhere.

Client portals with granular visibility

Give clients access to their own data without ever seeing other clients. Field-level controls mean they see their invoices, their files, their contacts — and nothing else. No custom query logic required.

Regulated products with audit-grade access logs

Every read and write is logged against the authenticated user. Compliance requirements around data access become a configuration exercise, not an engineering project.

Frequently Asked Questions

Still have questions?

Get in Touch

Ready to build with security built in?

Build applications with enterprise-grade security that's as easy to configure as it is powerful to use. Your users get exactly the access they need, nothing more.

Start Today

Control Who Sees What,Precisely

Security That Scales

Granular Permission Control

Custom Role Management

Row-Level Security (RLS)

Field-Level Visibility

API Permission Integration

User Relationship Integration

Permissions that match how your product actually works

Multi-team SaaS with workspace isolation

Client portals with granular visibility

Regulated products with audit-grade access logs

Frequently Asked Questions

Ready to build with security built in?

Product

Solutions

For me?

Get Started