Specifies if an action is allowed, denied or conditional based on the rights provided as the first argument:

  • allowed is returned when an action is authorized without condition
  • conditional is returned when the authorization depends on a closure
  • denied is returned when the action is forbidden

An action is defined as a pair of action and controller (mandatory), plus an index and a collection(optional).

You can get the rights from Kuzzle by using Security.getUserRights and Kuzzle.getMyRights.

isActionAllowed(rights, controller, action, index, collection)

Arguments Type Description
rights JSON array Rights list
controller String The controller
action String The action
index String The index
collection String The collection

Return Value

Returns either allowed, denied or conditional.


Copied to clipboard! ResponseListener<JSONObject[]>() {
  public void onSuccess(JSONObject[] rights) {
    // Policies is an enum with the following properties:
    // allowed, denied, conditional
    Policies authorization =, "read", "get", "index1", "collection1");

  public void onError(JSONObject error) {
    // ...