Skip to content

Training Grant Permissions with Policies

Craig Scott edited this page Jun 9, 2026 · 1 revision

Training: Grant Permissions with Policies

What you'll learn: how Fuuz application permissions flow — Policy → Policy Group → Role — and how to wire the chain end to end. You need: Administrator access type, any application, an existing role (create one first). Time: 10 minutes.

Before you start

Permissions are defined once in a Policy, bundled into a Policy Group, and attached to a Role. Users get the role; everything upstream is reusable. Build in this order: policy → group → role.

Steps

Part 1 — Create the policy

  1. Go to Left menu → Access Control → Policies. (Fallback: header Search.)
  2. Click +. Enter a Name (e.g. Screen Access) and Description, then click the orange +. You land on the policy's detail page.
  3. In the Policy Editor, click + to add a statement.
  4. Pick a base for the statement: GraphQL, Orchestration, Integration, Websocket, or Screen.
  5. Check the actions and resources the statement covers — e.g. Actions ▸ Screens, Resources ▸ All Screens. The statement header summarizes itself ("Screen: 1 Action, 1 Resource, 0 Rules"). Policy statement
  6. Click Save (💾). A toast confirms "Data updated successfully."

Part 2 — Create the policy group and attach the policy

  1. Go to Left menu → Access Control → Policy Groups.
  2. Click +, enter a Name (e.g. Operators) and Description, click the orange +. Policy groups
  3. Click the group's Name to open it, then open the ATTACHED POLICIES tab.
  4. Click the link icon (🔗), pick your policy from the Policy dropdown, and click the orange 🔗. Toast: "Policy attached successfully." Attach policy

Part 3 — Attach the group to the role

  1. Go to Left menu → Access Control → Roles and open your role.
  2. Open the ATTACHED POLICY GROUPS tab.
  3. Click the link icon (🔗), pick your policy group, click the orange 🔗. Toast: "Role attached successfully." Attach group to role

Check your work

Open the role's DETAILS tab: Effective Permissions now shows the inherited statement (e.g. "Screen: 1 Action, 1 Resource, 0 Rules"). This view is read-only — to change permissions, edit the policy, never the role.

Effective permissions

Full wiring walkthrough: Policy wiring

Try it yourself

Create a second policy with a GraphQL base statement, attach it to the same group, and watch the role's Effective Permissions update without touching the role.

Related training

Training: Create a Role · Training: Invite a User to an Application

🏠 Home

Getting Started (14)
Training Guides (52)

Applications

Access & Users

Data Models & Schema

Screens

Weather Lookup Series — guided 3-part build

Data Flows & Integrations

Data, Reporting & Monitoring

Enterprise & Organizations

Platform Concepts & Architecture (10)
Screens & Application Design (17)
Data Models & Schema (8)
Data Flows & Scripting (51)

Designing Flows

Data Flow Nodes

JSONata Reference

Scripting

Integrations & Connectors (30)

General & iPaaS

Plex

EDI

IIoT & Edge Gateway (18)

Physical Device Connectors

Edge Data Connectors

Reporting, Documents & Dashboards (8)
Administration & Access Control (27)
Data Management (8)
Accelerators, Templates & Packages (8)
Design Standards (1)
How-To Guides (8)
FAQ & Troubleshooting (1)
Release Notes (117)

2026

2025

2024

2023

2022

2021

2020

Policies & Company (6)

Clone this wiki locally