Skip to main content


Warrant helps you enforce access control by allowing you to specify authorization rules down to each user in your application. To do so, Warrant just needs a unique userId for each of your users.

The Users API provides a way to register users in Warrant without sharing all user data. You can either provide the user's unique id as defined in your system or let Warrant generate a unique userId for you. In either scenario, a unique userId is always required for authorization requests to Warrant.

Provided IDs

One way to create users in Warrant is to create them using the same id you use to identify them in your system. This id should be a unique id generated by your database or an id given to the user by a third-party authentication provider.

This approach is easier because you don't need to track a separate Warrant-specific user id for each of your users. For example, if you have a user named Tony Stark with id d6ed6474-784e-407e-a1ea-42a91d4c52b9 in your system, you can create a user in Warrant with the same userId.

Warrant-generated IDs

If you don't provide a userId on user creation, Warrant will generate a userId for that user.

Note that in this case, you will need to store this userId as a new field in your system and include it in all authorization requests for that user. We recommend creating a warrantId field or column (per user) in your database to store this id for future calls to Warrant.

Dealing with Existing Users

If you're integrating Warrant into a live system, chances are that you already have many existing users. The simplest way to add these existing users in Warrant is to add the Warrant user creation logic to your login flow. This way, your existing users will onboard into Warrant the next time they login.

To onboard all of your users at once, you can bulk-create them in Warrant. The easiest way to do this is via a script that calls the create user API for each of your existing users.

We'll be adding a CLI tool in the future to make this process easier.