Back
news

Introducing Directus 11: Release Candidate with Policies

Directus 11 is here with policies - our key new feature making access control more powerful and flexible in your projects.
Introducing Directus 11: Release Candidate with Policies

We are thrilled to announce the Release Candidate of Directus 11, which marks a significant overhaul in how we manage access control. Over the past few months, our team has been dedicated to researching and developing our key new feature — Policies.

Introducing Policies

Policies revolutionize the way you compose access control for your roles and users. Unlike in Directus 10, where permissions were directly attached to roles, making it necessary to create multiple similar roles to achieve the desired granularity, Policies provide a level of abstraction for more flexible projects.

Key Benefits and Features

  1. Enhanced Granularity: In Directus 10, permissions were singularly tied to roles, limiting users to one set of permissions. With Policies, you can now attach multiple policies to any role or user, allowing for finer control and easier management.
  2. Reusable Permission Sets: Policies act as an abstraction layer, enabling permissions to be reused across roles and users. This means you can create a set of permissions once and apply them to multiple roles or users as needed.
  3. Flexible Assignments: Policies can be added directly to a role, a user, or both. This flexibility ensures that you can manage permissions more effectively and cater to various project needs.

Practical Examples

  • Website Management: Create a "Page Edit" Policy with permissions required to edit website pages. Assign this Policy to both your Marketing and Engineering roles.
  • Sales Reporting: Develop a "View Quarterly Results" Policy for your Analysts, Account Executives, and Demand Team to access quarterly results. This approach allows different roles to share related permissions without duplication.
  • Multi-Tenant Systems: Configure individual roles per tenant while relying on shared Policies for permissions. This centralized management keeps tenant permissions separate yet easily controlled.

What About Roles?

Roles still exist, but now serve a different purpose. Instead of being permissions-based, Roles can either be used as groupings of policies that can be applied to users, or as true organizational units to describe a person’s position within your business.

As with previous releases, we are providing an automatic migration from Directus 10 to Directus 11 to help you seamlessly transition to using Policies. Permissions attached to existing roles will be converted into a single policy, that will be assigned to the role. You can then explore the new policies feature when you’re ready.

We are confident that this new flexibility will simplify the management of complex projects and make your life easier.

Directus 11 RC will be available later this week. Please share your thoughts in our #directus-11-rc channel on Discord.