> ## Documentation Index > Fetch the complete documentation index at: https://proxy-docs.permify.co/llms.txt > Use this file to discover all available pages before exploring further. # Write Schema Permify provide it's own authorization language to model common patterns of easily. We called the authorization model Permify Schema and it can be created on our [playground](https://play.permify.co/) as well as in any IDE or text editor. We also have a [VS Code extension](https://marketplace.visualstudio.com/items?itemName=Permify.perm) to ease modeling Permify Schema with code snippets and syntax highlights. Note that on VS code the file with extension is ***".perm"***. If you're planning to test Permify manually, maybe with an API Design platform such as [Postman](https://www.postman.com/), [Insomnia](https://insomnia.rest/), etc; we're suggesting using our playground to create model. Because Permify Schema needs to be configured (send to API) in Permify API in a **string** format. Therefore, created model should be converted to **string**. Although, it could easily be done programmatically, it could be little challenging to do it manually. To help on that, we have a button on the playground to copy created model to the clipboard as a string, so you get your model in string format easily. ![copy-btn](https://user-images.githubusercontent.com/34595361/198015792-a7f0d727-a1a5-4039-b0be-d097321b8d53.png) Permify Schema needed to be send to API endpoint **/v1/tenants/{tenant_id}/schemas/write** for configuration of your authorization model on Permify API. ### Example Request on Postman **POST** `/v1/tenants/{tenant_id}/schemas/write` ![permify-schema](https://user-images.githubusercontent.com/34595361/197405641-d8197728-2080-4bc3-95cb-123e274c58ce.png) See the following FAQ page to refer to the suggested workflow for: [Managing Schema Changes](../../permify-overview/faqs#how-to-manage-schema-changes). ## OpenAPI ````yaml post /v1/tenants/{tenant_id}/schemas/write openapi: 3.0.0 info: title: Permify API description: >- Permify is an open source authorization service for creating fine-grained and scalable authorization systems. version: v1.6.10 contact: name: API Support url: https://github.com/Permify/permify/issues email: hello@permify.co license: name: AGPL-3.0 license url: https://github.com/Permify/permify/blob/master/LICENSE servers: [] security: [] tags: - name: Permission - name: Watch - name: Schema - name: Data - name: Bundle - name: Tenancy paths: /v1/tenants/{tenant_id}/schemas/write: post: tags: - Schema summary: write schema operationId: schemas.write parameters: - name: tenant_id description: >- Identifier of the tenant, if you are not using multi-tenancy (have only one tenant) use pre-inserted tenant t1 for this field. Required, and must match the pattern \“[a-zA-Z0-9-,]+\“, max 64 bytes. in: path required: true schema: type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/Schema.WriteBody' required: true responses: '200': description: A successful response. content: application/json: schema: $ref: '#/components/schemas/SchemaWriteResponse' default: description: An unexpected error response. content: application/json: schema: $ref: '#/components/schemas/Status' x-codeSamples: - label: go lang: go source: >- sr, err := client.Schema.Write(context.Background(), &v1.SchemaWriteRequest{ TenantId: "t1", Schema: ` entity user {} entity organization { relation admin @user relation member @user action create_repository = (admin or member) action delete = admin } entity repository { relation owner @user relation parent @organization action push = owner action read = (owner and (parent.admin and parent.member)) action delete = (parent.member and (parent.admin or owner)) } `, }) - label: node lang: javascript source: |- client.schema.write({ tenantId: "t1", schema: ` entity user {} entity organization { relation admin @user relation member @user action create_repository = (admin or member) action delete = admin } entity repository { relation owner @user relation parent @organization action push = owner action read = (owner and (parent.admin and parent.member)) action delete = (parent.member and (parent.admin or owner)) } ` }).then((response) => { // handle response }) - label: cURL lang: curl source: >- curl --location --request POST 'localhost:3476/v1/tenants/{tenant_id}/schemas/write' \ --header 'Content-Type: application/json' \ --data-raw '{ "schema": "entity user {}\n\n entity organization {\n\n relation admin @user\n relation member @user\n\n action create_repository = (admin or member)\n action delete = admin\n }\n\n entity repository {\n\n relation owner @user\n relation parent @organization\n\n action push = owner\n action read = (owner and (parent.admin and parent.member))\n action delete = (parent.member and (parent.admin or owner))\n }" }' components: schemas: Schema.WriteBody: type: object properties: schema: type: string description: schema is the string representation of the schema to be written. description: >- SchemaWriteRequest is the request message for the Write method in the Schema service. It contains tenant_id and the schema to be written. SchemaWriteResponse: type: object properties: schema_version: type: string description: >- schema_version is the string that identifies the version of the written schema. description: >- SchemaWriteResponse is the response message for the Write method in the Schema service. It returns the version of the written schema. Status: type: object properties: code: type: integer format: int32 message: type: string details: type: array items: $ref: '#/components/schemas/Any' Any: type: object properties: '@type': type: string description: >- A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one "/" character. The last segment of the URL's path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading "." is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics. additionalProperties: {} description: >- `Any` contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message. Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type. Example 1: Pack and unpack a message in C++. Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... } Example 2: Pack and unpack a message in Java. Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); } Example 3: Pack and unpack a message in Python. foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... Example 4: Pack and unpack a message in Go foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z". JSON ==== The JSON representation of an `Any` value uses the regular representation of the deserialized, embedded message, with an additional field `@type` which contains the type URL. Example: package google.profile; message Person { string first_name = 1; string last_name = 2; } { "@type": "type.googleapis.com/google.profile.Person", "firstName": , "lastName": } If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field `value` which holds the custom JSON in addition to the `@type` field. Example (for message [google.protobuf.Duration][]): { "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" } ````