diff --git a/CHANGELOG.md b/CHANGELOG.md
index a024f1a8..ee87d586 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,6 +6,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [2.14.0] - 2022-05-05
+- User Roles interface
+
 ## [2.13.0] - 2022-03-04
 
 ### Added
diff --git a/build.gradle b/build.gradle
index 9172a4fb..7d1883a0 100644
--- a/build.gradle
+++ b/build.gradle
@@ -2,7 +2,7 @@ plugins {
     id 'java-library'
 }
 
-version = "2.13.0"
+version = "2.14.0"
 
 repositories {
     mavenCentral()
diff --git a/src/main/java/io/supertokens/pluginInterface/RECIPE_ID.java b/src/main/java/io/supertokens/pluginInterface/RECIPE_ID.java
index e0ada4a2..684fe3b2 100644
--- a/src/main/java/io/supertokens/pluginInterface/RECIPE_ID.java
+++ b/src/main/java/io/supertokens/pluginInterface/RECIPE_ID.java
@@ -20,7 +20,8 @@
 public enum RECIPE_ID {
 
     EMAIL_PASSWORD("emailpassword"), THIRD_PARTY("thirdparty"), SESSION("session"),
-    EMAIL_VERIFICATION("emailverification"), JWT("jwt"), PASSWORDLESS("passwordless"), USER_METADATA("usermetadata");
+    EMAIL_VERIFICATION("emailverification"), JWT("jwt"), PASSWORDLESS("passwordless"), USER_METADATA("usermetadata"),
+    USER_ROLES("userroles");
 
     private final String name;
 
diff --git a/src/main/java/io/supertokens/pluginInterface/userroles/UserRolesStorage.java b/src/main/java/io/supertokens/pluginInterface/userroles/UserRolesStorage.java
new file mode 100644
index 00000000..216b7a2a
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/userroles/UserRolesStorage.java
@@ -0,0 +1,54 @@
+/*
+ *    Copyright (c) 2022, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.userroles;
+
+import com.google.gson.JsonObject;
+import io.supertokens.pluginInterface.Storage;
+import io.supertokens.pluginInterface.exceptions.StorageQueryException;
+import io.supertokens.pluginInterface.userroles.exception.DuplicateUserRoleMappingException;
+import io.supertokens.pluginInterface.userroles.exception.UnknownRoleException;
+
+public interface UserRolesStorage extends Storage {
+
+    // associate a userId with a role that exists
+    void addRoleToUser(String userId, String role)
+            throws StorageQueryException, UnknownRoleException, DuplicateUserRoleMappingException;
+
+    // get all roles associated with the input userId
+    String[] getRolesForUser(String userId) throws StorageQueryException;
+
+    // get all users associated with the input role
+    String[] getUsersForRole(String role) throws StorageQueryException;
+
+    // get permissions associated with the input role
+    String[] getPermissionsForRole(String role) throws StorageQueryException;
+
+    // get roles associated with the input permission
+    String[] getRolesThatHavePermission(String permission) throws StorageQueryException;
+
+    // delete a role
+    boolean deleteRole(String role) throws StorageQueryException;
+
+    // get all created roles
+    String[] getRoles() throws StorageQueryException;
+
+    // check if input roles exists
+    boolean doesRoleExist(String role) throws StorageQueryException;
+
+    // delete all roles for the input userId
+    int deleteAllRolesForUser(String userId) throws StorageQueryException;
+}
diff --git a/src/main/java/io/supertokens/pluginInterface/userroles/exception/DuplicateUserRoleMappingException.java b/src/main/java/io/supertokens/pluginInterface/userroles/exception/DuplicateUserRoleMappingException.java
new file mode 100644
index 00000000..6596220a
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/userroles/exception/DuplicateUserRoleMappingException.java
@@ -0,0 +1,25 @@
+/*
+ *    Copyright (c) 2022, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.userroles.exception;
+
+import java.io.Serial;
+
+public class DuplicateUserRoleMappingException extends UserRolesException {
+
+    @Serial
+    private static final long serialVersionUID = -7619796272179436664L;
+}
diff --git a/src/main/java/io/supertokens/pluginInterface/userroles/exception/UnknownRoleException.java b/src/main/java/io/supertokens/pluginInterface/userroles/exception/UnknownRoleException.java
new file mode 100644
index 00000000..a76970bd
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/userroles/exception/UnknownRoleException.java
@@ -0,0 +1,24 @@
+/*
+ *    Copyright (c) 2022, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.userroles.exception;
+
+import java.io.Serial;
+
+public class UnknownRoleException extends UserRolesException {
+    @Serial
+    private static final long serialVersionUID = -8116261429148675130L;
+}
diff --git a/src/main/java/io/supertokens/pluginInterface/userroles/exception/UserRolesException.java b/src/main/java/io/supertokens/pluginInterface/userroles/exception/UserRolesException.java
new file mode 100644
index 00000000..4024b676
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/userroles/exception/UserRolesException.java
@@ -0,0 +1,24 @@
+/*
+ *    Copyright (c) 2022, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.userroles.exception;
+
+import java.io.Serial;
+
+public class UserRolesException extends Exception {
+    @Serial
+    private static final long serialVersionUID = 5476530661862027675L;
+}
diff --git a/src/main/java/io/supertokens/pluginInterface/userroles/sqlStorage/UserRolesSQLStorage.java b/src/main/java/io/supertokens/pluginInterface/userroles/sqlStorage/UserRolesSQLStorage.java
new file mode 100644
index 00000000..0a51a071
--- /dev/null
+++ b/src/main/java/io/supertokens/pluginInterface/userroles/sqlStorage/UserRolesSQLStorage.java
@@ -0,0 +1,48 @@
+/*
+ *    Copyright (c) 2022, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.pluginInterface.userroles.sqlStorage;
+
+import io.supertokens.pluginInterface.exceptions.StorageQueryException;
+import io.supertokens.pluginInterface.sqlStorage.SQLStorage;
+import io.supertokens.pluginInterface.sqlStorage.TransactionConnection;
+import io.supertokens.pluginInterface.userroles.UserRolesStorage;
+import io.supertokens.pluginInterface.userroles.exception.UnknownRoleException;
+
+public interface UserRolesSQLStorage extends UserRolesStorage, SQLStorage {
+
+    // delete role associated with the input userId from the input roles
+    boolean deleteRoleForUser_Transaction(TransactionConnection con, String userId, String role)
+            throws StorageQueryException;
+
+    // create a new role if it doesnt exist
+    boolean createNewRoleOrDoNothingIfExists_Transaction(TransactionConnection con, String role)
+            throws StorageQueryException;
+
+    // associate a permission with a role
+    void addPermissionToRoleOrDoNothingIfExists_Transaction(TransactionConnection con, String role, String permission)
+            throws StorageQueryException, UnknownRoleException;
+
+    // delete a permission associated with the input role
+    boolean deletePermissionForRole_Transaction(TransactionConnection con, String role, String permission)
+            throws StorageQueryException;
+
+    // delete all permissions associated with the input role
+    int deleteAllPermissionsForRole_Transaction(TransactionConnection con, String role) throws StorageQueryException;
+
+    // check if a role exists
+    boolean doesRoleExist_Transaction(TransactionConnection con, String role) throws StorageQueryException;
+}