Common Use Cases

From B2B SaaS to internal tools, here is how teams use Bailiff.

SaaS Roles & Permissions

The Scenario

You are building a B2B SaaS. Customers have teams. Each team has Admins, Editors, and Viewers.

The Solution

Create a tenant group for each customer. Assign users roles within that tenant. Bailiff ensures complete isolation between tenants automatically.

Tenant A
1
Admin
2
Viewer
πŸ”’
Tenant B

Plan-based Entitlements

The Scenario

You have Free, Pro, and Enterprise plans. Pro gets access to "Analytics", Enterprise gets "SSO".

The Solution

Model plans as groups. Assign feature flags like feature:analytics to the Pro group. When a customer upgrades, just add them to the group. No code changes.

Free
Selected
Pro Plan
βœ“ Analytics
βœ“ Export
Enterprise

Google Docs–style Collaboration

The Scenario

Users create documents and organize them in folders. They want to share a folder with a colleague and have them see everything inside.

The Solution

Use Bailiff's recursive relationship checks. If User A has viewer on Folder X, and Document Y is inside Folder X, User A can view Document Y.

πŸ“‚
Shared Folder
U
πŸ“„
Doc A
Access OK
πŸ“„
Doc B
Access OK

Internal Admin Tools

The Scenario

Your support team needs to view customer data, but your engineers need full database access.

The Solution

Use the same Bailiff instance for your internal tools. Create a "Support Agent" role that grants read-only access to specific resources, auditing every single view.

Audit Log
10:41:02 system backup_started
10:42:15 agent_sarah VIEW customer:12345
10:42:16 agent_sarah DELETE customer:12345 [DENIED]
10:43:00 engineer_mike UPDATE db_schema

Ready to fix authorization?

Join the waitlist and be among the first to get enterprise-grade authorization without the enterprise bill.