SKILL-020 Teams, organizations, and multi-tenancy Locked skill

Custom permissions

Authorize on permissions, not role names — resolve roles, custom roles, and overrides into one effective set, then check that.

Unlock download Unlock downloads

What this skill helps you build

Move beyond fixed roles: feature-level permissions, customer-defined custom roles, and per-org overrides resolved into one effective permission set.

The production takeaway

Authorize on permissions, not role names — resolve roles, custom roles, and overrides into one effective set, then check that.

Inside this skill

The full skill expands these implementation areas with decisions, edge cases, prompts, tests, and framework-specific code.

Teams, organizations, and multi-tenancy

What this helps you build

A permission system that grows past a fixed list of roles. Instead of hard coding admin can do everything, member can do some things , you grant feature level permissions billing.m

🔒

Teams, organizations, and multi-tenancy

When to use this

Reach for this once a fixed role RBAC system see the RBAC permissions skill starts to strain. Concretely, you need custom permissions when: Customers ask for a role that sits betwe

🔒

Teams, organizations, and multi-tenancy

The core idea

Fixed RBAC answers "what is this user's role?" Custom permissions answer "what is this user allowed to do , right now, in this org?" — a much more stable question to build on. The

🔒

Unlock the full implementation

Paid access includes the complete skill body, implementation prompt, common mistakes, production checklist, and code examples where this skill includes them.

Unlock all skills — $199 Browse the library