# Manage Resources

Authing designs an authorization model around the core concept of resource, which is also the best mode we recommend. Authing has built-in the following resources:

  • User pool configuration items
  • User
  • Application
  • Roles
  • Groups
  • organization

Regarding the resources of your business system, Authing does not actually store its actual data. You only need to tell Authing its unique identifier in your business system, such as:

  • books:123 means the book whose ID is 123
  • books:* means all books

Each type of resource can define multiple operations, such as:

  • books:edit indicates the authority to edit books
  • books:delete indicates the permission to delete books
  • books:* means all books related permissions

You can create a policy BooksSuperManager: the users or roles granted this policy will have all operations permissions for all books.

  "statements": [
      "resource": "books:*",
      "action": ["books:*"],
      "effect": "ALLOW"

Next, you can learn about the details of Management Policy and Authorize Policy to User or User:

Manage Strategy