Skip to main content
Internal Documentation Only: If you’re not a Null Tools developer, you can close this documentation or visit the Apps section to learn more about using Null Pass in your applications.

Overview

Null Pass manages access to multiple services through a unified entitlement system. Each user can have entitlements for different services with tier-based access control, custom limits, and subscription integration.

Supported Services

DROP

File storage and sharing service

MAILS

Email management service

VAULT

Secure credential storage

DB

Database service access

Service Entitlement Model

Each service entitlement (UserServiceEntitlement) contains:
id
string
Unique entitlement ID
userId
string
User ID
service
ServiceIdentifier
Service identifier: DROP, MAILS, VAULT, or DB
tier
string
default:"free"
Access tier (e.g., “free”, “premium”, “enterprise”)
isPremium
boolean
default:"false"
Premium access flag
accessFlags
object
Custom access flags (JSON object). Used for fine-grained permission control.Example (DROP):
{
  "isNullDropTeam": Boolean,
  "nullDropTeamRole": "Role",
  "accessFilesPreview": Boolean,
  "accessFilesDownload": Boolean
}
accessFlags Values:
  • "founder" - Founder role
  • "dev" - Developer role
  • "moderator" - Moderator role
  • "" - Empty for regular member (default)
metadata
object
Service-specific metadata (JSON object). Stores user preferences and service configuration.Example (DROP):
{
  "onboarding": {
    "onboarding_completed": Boolean,
    "onboarding_uploads_completed": Boolean
  },
  "blurGalleryMedia": Boolean,
  "userAcceptedCookies": Boolean,
  "userHideProfileInfo": Boolean,
  "defaultUploadVisibility": Boolean
}
customStorageLimit
number
Custom storage limit in bytes (null for default)
customApiKeyLimit
number
Custom API key limit (null for default)
connected
boolean
default:"true"
Whether service is connected/enabled
polarCustomerId
string
Polar customer ID (for subscription integration)
polarSubscriptionId
string
Polar subscription ID
polarSubscriptionStatus
string
Polar subscription status
createdAt
string
Entitlement creation timestamp
updatedAt
string
Last update timestamp

Database Schema

model UserServiceEntitlement {
  id                      String            @id @default(cuid())
  userId                  String
  service                 ServiceIdentifier
  tier                    String            @default("free")
  isPremium               Boolean           @default(false)
  accessFlags             Json?
  metadata                Json?
  connected               Boolean           @default(true)
  customStorageLimit      Int?
  customApiKeyLimit       Int?
  polarCustomerId         String?
  polarSubscriptionId     String?
  polarSubscriptionStatus String?
  createdAt               DateTime          @default(now())
  updatedAt               DateTime          @updatedAt
  user                    User              @relation(fields: [userId], references: [id], onDelete: Cascade)
}

Service Identifiers

enum ServiceIdentifier {
  DROP
  MAILS
  VAULT
  DB
}

Access Control

Service access is checked through:
  1. Tier-based: Free, premium, enterprise tiers
  2. Premium flag: Boolean premium access
  3. Custom limits: Storage and API key limits
  4. Connection status: Whether service is connected
  5. Access flags: Custom JSON flags for fine-grained control

Get Service Access

Retrieve user’s service entitlements

Update Service

Update service entitlement