New Feature
Introducing Organization Attributes

With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

Introducing Organization Attributes

Introducing Organization Attributes: Store Tenant-Level Data

Today we are excited to announce a powerful new feature: Organization Attributes. With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

Key features include:

  • Store data at the organization level, separate from user data
  • Organize data into attribute “buckets” with different visibility and access levels
  • Org-level, granular encryption with an hardware root of trust
  • Multi-region replication for even higher availability

Typical use cases include storing billing data, tags, secrets, feature flags, and more.

How It Works

With the organization attributes APIs, you POST key-value pairs into named attribute buckets for a given organization ID. For example, to store some billing information and feature tags for ACME Corp, you could make a request like:

curl -X PUT https://api.slashid.com/organizations/attributes \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \
  -H "Content-Type: application/json" \
  -d '{
    "end_user_no_access": {
        "billing": {
        "plan": "enterprise",
        "status": "paid",
        "subscriptionEnd": "2023-12-31"
        },
        "tags": {
        "region": "us-west",
        "segment": "enterprise"
        }
    }
  }'

This stores the given attributes in the end_user_no_access bucket (more on buckets below) for the given SlashID-OrgID. To fetch all attributes across buckets:

curl -X GET https://api.slashid.com/organizations/attributes \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

To fetch just the billing attribute:

curl -X GET https://api.slashid.com/organizations/attributes/end_user_no_access?attributes=billing \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

And to delete the tags attribute:

curl -X DELETE "https://api.slashid.com/organizations/attributes/end_user_no_access?attributes=tags" \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

Simple and powerful! You can store up to 64KB per attribute value, with attribute names up to 70 bytes. Access is controlled via RBAC policies.

Access control and visibility

Earlier we briefly mentioned the concept of a bucket. A bucket in SlashID is a container of attributes with a specific level of access and visibility.

You can see all available buckets for organization attributes with the following call:

curl -X GET https://api.slashid.com/organizations/attribute-buckets \
  -H 'SlashID-OrgID: 65e43220-439d-7ae5-9934-d1c4999c8d64' \
  -H 'SlashID-API-Key: <API_KEY_VALUE>' \

Two core concepts apply to buckets, one is the sharing scope and the other is the end-user permissions.

Buckets can either be shared with the current organization exclusively or across organizations that share the same user pool. Here’s an example output of two buckets that are respectively shared only in the org and in the person pool:

    {
      "end_user_permissions": "no_access",
      "name": "end_user_no_access",
      "owner_organization_id": "65e43220-439d-7ae5-9934-d1c4999c8c54",
      "sharing_scope": "organization"
    },

    {
      "end_user_permissions": "no_access",
      "name": "person_pool-end_user_no_access",
      "sharing_scope": "person_pool"
    },

Writing an attribute in the latter pool allows any organization with the same pool of users to access, delete, and modify that attribute.

The end user permissions allow to specify whether a given bucket should be accessible and writable by an authenticated user or whether they can only be accessed through the backend with an API key.

This powerful primitive allows to have organization-level attributes that are easily visible and usable from the front end without any backend work required.

Common Use Cases

With organization attributes, you can now easily persist tenant configuration and metadata, including:

  • Billing data like plan, status, MRR, etc. Trigger flows based on changes.
  • Tags for segmentation, targeting, categorization
  • Feature flags to control rollouts and access
  • Secrets
  • Preferences and settings
  • Arbitrary metadata to power your business logic

No longer do you have to set up separate databases or caches to store this type of organization-level data. It’s now available with a simple API.

Get Started

Check out the organization attributes API reference to learn more and start using this feature in your application today. We can’t wait to see what you build with it!

Related articles

Achieving Least Privilege: Unused Entitlement Removal

New Feature

/ 5 May, 2025

Achieving Least Privilege: Unused Entitlement Removal

Unused entitlements are one of the easiest ways for an attacker to move laterally in a target environment.

However, reducing permissions is often very difficult due to availability concerns and the complexity of the permission systems.

This blog post explores how SlashID solves this problem so that customers can automatically resize identity permissions and

achieve least privilege.

Vincenzo Iozzo
Vincenzo Iozzo
Detecting Man-in-the-Middle Attacks with SlashID

New Feature

/ 26 Aug, 2024

Detecting Man-in-the-Middle Attacks with SlashID

Detect when attackers access your website through malicious proxies with SlashID.

Ivan Kovic
Ivan Kovic
SlashID RBAC: Globally-available role-based access control

New Feature

/ 22 Jul, 2024

SlashID RBAC: Globally-available role-based access control

SlashID RBAC is a globally replicated role-based access control system that allows you to restrict access to resources based on permissions assigned to specific persons.

In this post, we will show you how to use RBAC in SlashID, and how to create permissions, and roles, and assign them to persons.

Robert Laszczak
Robert Laszczak

Ready to start a top-tier security upgrade?

We use cookies to improve your experience. Read our cookie policy.