---
title: App Permissions
description: How Cuitty Code Apps request, receive, and use granular permissions.
section: Code
order: 12
updatedAt: 2026-05-21
slug: code/app-permissions
---
Cuitty Code Apps use least-privilege grants. The app manifest declares requested resources, actions, and reasons. The installer approves those permissions for a specific target.

At runtime, the app uses an installation token. Cuitty maps that token to the installation and checks the requested operation against SpiceDB before doing any work.

## Upgrade behavior

When a new app version asks for more access, Cuitty shows a permission diff before upgrade. Existing installs do not silently receive new privileges.

## Denied operations

If an app installed to one repository tries to publish a package or change an organization registry policy, the request is denied unless that grant was explicitly approved for the install.