Check
POST /v1/check
Section titled “POST /v1/check”Check a single authorization relationship.
Request
{ "subject": "user:alice", "relation": "editor", "object": "document:42"}Response 200
{ "authorized": true, "checked_at": "2026-04-14T10:22:00Z"}POST /v1/check/bulk
Section titled “POST /v1/check/bulk”Batch authorization check. Max 100 per call. Results are returned in input order.
Request
{ "checks": [ { "subject": "user:alice", "relation": "editor", "object": "document:42" }, { "subject": "user:bob", "relation": "viewer", "object": "document:42" } ]}Response 200
{ "results": [ { "authorized": true }, { "authorized": false } ], "checked_at": "2026-04-14T10:22:00Z"}Errors
Section titled “Errors”| Status | Type | Meaning |
|---|---|---|
| 400 | invalid-subject | Subject is not of the form namespace:external_id. |
| 400 | invalid-relation | Relation is not one of the built-in relations. |
| 400 | invalid-object | Object is not of the form namespace:external_id. |
| 400 | bulk-too-large | More than 100 checks in a single request. |
| 401 | unauthorized | Missing or invalid bearer token. |
| 429 | rate-limited | Per-tenant rate limit exceeded. |