ABAC Attributes

Attribute definitions declare the named properties your ABAC policies can reference on users and resources. A definition pins down the attribute's slug, data type, and default value. Separately, attribute values are the actual data attached to a specific user or resource. Policies reference attributes by slug at evaluation time.

Use this reference to manage definitions and set values over the API.

GET    /orgs/{orgId}/api/v1/abac/attributes
POST   /orgs/{orgId}/api/v1/abac/attributes
GET    /orgs/{orgId}/api/v1/abac/attributes/{attributeId}
PUT    /orgs/{orgId}/api/v1/abac/attributes/{attributeId}
DELETE /orgs/{orgId}/api/v1/abac/attributes/{attributeId}

The Attribute Object

Attribute Object
{
  "id": "01JF3KATTR...",
  "slug": "approval_limit",
  "name": "Approval Limit",
  "description": "Maximum dollar amount the user can approve",
  "dataType": "number",
  "entityType": "user",
  "defaultValue": 0,
  "createdAt": "2026-01-15T10:30:00Z"
}

Field	Description
`slug`	Unique identifier used in policy conditions
`dataType`	`string`, `number`, `boolean`, `json`
`entityType`	`user` or `resource`
`defaultValue`	Value used when the attribute is not explicitly set

List Attributes

List Attributes
curl "https://app.lumoauth.dev/orgs/acme-corp/api/v1/abac/attributes" \
  -H "Authorization: ApiKey lmk_abc123"

Create Attribute

Create an Attribute
curl -X POST https://app.lumoauth.dev/orgs/acme-corp/api/v1/abac/attributes \
  -H "Authorization: ApiKey lmk_abc123" \
  -H "Content-Type: application/json" \
  -d '{
    "slug": "approval_limit",
    "name": "Approval Limit",
    "description": "Maximum dollar amount the user can approve",
    "dataType": "number",
    "entityType": "user",
    "defaultValue": 0
  }'

Set Attribute Value on a User

Set User Attribute
curl -X PUT \
  "https://app.lumoauth.dev/orgs/acme-corp/api/v1/abac/users/01JF3KUSER.../attributes/approval_limit" \
  -H "Authorization: ApiKey lmk_abc123" \
  -H "Content-Type: application/json" \
  -d '{"value": 25000}'

Set Attributes on a Resource

Set Resource Attributes
curl -X PUT \
  "https://app.lumoauth.dev/orgs/acme-corp/api/v1/abac/resources/invoice/INV-4821/attributes" \
  -H "Authorization: ApiKey lmk_abc123" \
  -H "Content-Type: application/json" \
  -d '{
    "amount": 45000,
    "classification": "confidential",
    "department": "procurement"
  }'

Policies — reference these attributes from policy conditions.
ABAC overview — evaluation semantics.

The Attribute Object​

List Attributes​

Create Attribute​

Set Attribute Value on a User​

Set Attributes on a Resource​

Related​

The Attribute Object

List Attributes

Create Attribute

Set Attribute Value on a User

Set Attributes on a Resource

Related