Skip to main content

Permify Toolkit

The TypeScript toolkit for Permify.
Type-safe schemas, NestJS guards, and CLI — all from one config file.

Get Started API Reference
TypeScriptNestJSgRPCPermify
Why Permify Toolkit

Everything you need, nothing you don't

Fine-grained authorization for TypeScript apps — without the gRPC boilerplate.

Type-Safe Schema DSL

Define entities, relations, and permissions in TypeScript. Full IDE autocomplete — catch schema errors at compile time, not at runtime.

NestJS-First

Drop-in PermifyModule, @CheckPermission() decorator, and guard with AND/OR multi-permission logic. One line to protect a route.

CLI Included

Push schemas and seed relationships from your terminal. Reads your permify.config.ts — no flags, no duplication.

One Config File

permify.config.ts is the single source of truth. Your app, NestJS module, and CLI all consume it.

Zero gRPC Boilerplate

Connect with a single function call. checkPermission() and writeRelationships() handle all the plumbing.

Production Ready

TLS support, auth tokens, custom timeouts, environment variable config, and async NestJS module initialization.

01 / Config

Define your schema once

Write your authorization model in TypeScript with full type safety. The same config file powers your app, CLI, and NestJS module.

Learn about configuration
permify.config.ts
import { defineConfig, schema, entity, relation, permission } from "@permify-toolkit/core";

export default defineConfig({
  tenant: "t1",
  client: { endpoint: "localhost:3478", insecure: true },
  schema: schema({
    user: entity({}),
    document: entity({
      relations: { owner: relation("user"), viewer: relation("user") },
      permissions: {
        edit: permission("owner"),
        view: permission("viewer or owner"),
      },
    }),
  }),
});
documents.controller.ts
@Get(":id")
@UseGuards(PermifyGuard)
@CheckPermission("document.view")
findOne(@Param("id") id: string) {
  return this.documentsService.findOne(id);
}
02 / NestJS

Protect routes in one line

Use the @CheckPermission() decorator with PermifyGuard to enforce authorization. Supports single permissions, AND, and OR evaluation modes.

NestJS docs
03 / CLI

Push from your terminal

Push schemas and seed relationships without writing scripts. The CLI reads your config — no flags needed for tenant or endpoint.

CLI docs
Terminal
$ permify-toolkit schema push
Schema pushed successfully to tenant "t1"

$ permify-toolkit relationships seed -f ./data/relationships.json
Seeded 42 relationships to tenant "t1"
Packages

Three focused packages

Install only what you need. Each package is independently versioned and published.

@permify-toolkit/coreSDK

Schema DSL, client factory, permission & relationship helpers

$pnpm add @permify-toolkit/core
@permify-toolkit/nestjsFramework

NestJS module, guard, service, and decorators

$pnpm add @permify-toolkit/nestjs
@permify-toolkit/cliCLI

Schema push and relationship seeding from the terminal

$pnpm add -D @permify-toolkit/cli

Ready to add fine-grained authorization?

Get started in under 5 minutes. Define your schema, push it, and protect your routes.

Get Started Star on GitHub