Permission system is now online

The new permission system is now online and usable by all users. Right now it’s hidden behind a feature toggle on your account page. Once enabled you can now:

  • Share access to your account with other users, only granting the permissions based on what their role should be.
  • Access shared accounts with a click of a button if other users invite you.
  • Use some pre-configured permission rules or build your own.
  • Create more than one API key, each with its own permissions.

And a ton more. Feedback or questions on how to use all this are very welcome. Feel free to toy around with the system: You can never lock yourself out of your own account.


Great work as always Florian :slight_smile:

Another tiny example of what new possibilities this opens up: I’ve just updated the flap display package, so it can now react to pushed device messages. I’ve installed that package on one of my devices and created a policy that only allows the mentioned push API for that exact device. The policy looks like this:

  "Statements": [
      "Action": "device:node-message",
      "Condition": {
        "NumericEquals": {
          "device:id": 7828
        "StringEquals": {
          "message:path": "root/append"
      "Effect": "allow"
  "Version": 1

I’ve created and ACL with only this policy, created a new self-access to my account and grabbed its API key. You can now send me messages on the display I’ll keep running a bit using:

curl -u:b0368fe7b8c0df307bcbd454564674ae \ \
  -d 'data=Hello there!'

Result on the screen:


Feel free to send me your own text in the next few hours!

info-beamer - Digital Signage for the Raspberry Pi community forum - Imprint