PermaProxy

Proxy layer for enforcing granular permissions in any SaaS tool instantly.

Score: 7.2/10MLHard BuildReady to Spawn

Brand Colors

The Opportunity

Problem

Enterprise IT teams suffer security risks and administrative overload from lacking granular user permissions and role-based access in SaaS tools.

Solution

PermaProxy acts as a secure gateway between users and SaaS apps, intercepting requests to enforce custom RBAC rules even in apps without native support. IT teams define policies once and apply them universally, slashing admin time and risks. Transparent to end-users with zero app changes needed.

Target Audience

enterprise IT teams managing large-scale SaaS deployments

Differentiator

Universal proxy enforcement for legacy/unsupported SaaS, browser-based no-install.

Brand Voice

supportive

Features

Proxy Dashboard

must-have20h

Configure rules for URL patterns and headers per SaaS.

Rule Engine

must-have18h

Define if-then rules for block/allow/redirect based on user/role.

Browser Extension

must-have15h

Lightweight extension routes traffic through proxy.

Access Logs

must-have10h

Real-time logs of blocked/allowed requests.

Role Mapping

must-have12h

Map enterprise roles to proxy policies.

Zero-Trust Mode

must-have10h

Enforce MFA + context (device, IP) checks.

Analytics Reports

nice-to-have8h

Usage analytics on permission denials.

Team Sharing

nice-to-have6h

Share policy sets across orgs.

Custom JS Rules

nice-to-have7h

Advanced scripting for rules.

Total Build Time: 106 hours

Database Schema

organizations

Column	Type	Nullable
id	uuid	No
name	text	No
proxy_domain	text	No

Relationships:

• one-to-many with users, policies

policies

Column	Type	Nullable
id	uuid	No
organization_id	uuid	No
name	text	No
rules_json	text	No
saas_target	text	No

Relationships:

• foreign key to organizations.id

access_logs

Column	Type	Nullable
id	uuid	No
user_id	uuid	No
policy_id	uuid	No
request_url	text	No
action	text	No
timestamp	timestamp	No

Relationships:

• foreign keys to users.id, policies.id

API Endpoints

POST

/api/policies

Create proxy policy

🔒 Auth Required

POST

/api/proxy/enforce

Proxy decision endpoint (internal)

🔒 Auth Required

GET

/api/logs

Fetch access logs

🔒 Auth Required

POST

/api/extension/auth

Auth extension to org

Tech Stack

Frontend

Next.js 14 + Tailwind + shadcn/ui

Backend

Next.js + Supabase Edge Functions

Database

Supabase Postgres

Auth

Supabase Auth

Payments

Stripe

Hosting

Vercel

Additional Tools

Chrome Extension APICloudflare Workers for proxy

Build Timeline

Week 1: Core proxy logic

25h

✓ Edge function proxy
✓ Basic rules
✓ DB setup

Week 2: Dashboard and rules UI

25h

✓ Policy editor
✓ Logs viewer

Week 3: Extension

30h

✓ Chrome ext MVP
✓ Auth flow

Week 4: Features and payments

20h

✓ Role mapping
✓ Zero-trust
✓ Stripe

Week 5: Polish

15h

✓ Analytics
✓ Tests
✓ Landing

Total Timeline: 5 weeks • 115 hours

Pricing Tiers

Free

$0/mo

100 req/day

✓1 policy
✓Basic logs

Pro

$35/mo

10k req/mo

✓Unlimited policies
✓Advanced rules
✓Team extension

Enterprise

$199/mo

None

✓All Pro + Custom JS
✓Unlimited req
✓SLA

Revenue Projections

Month	Users	Conversion	MRR	ARR
Month 1	80	4%	$112	$1,344
Month 6	700	9%	$2,205	$26,460

Unit Economics

$90

CAC

$2000

LTV

Churn

88%

Margin

LTV:CAC Ratio: 22.2xExcellent!

Landing Page Copy

Proxy Permissions Where SaaS Falls Short

Enforce granular access in any app via our invisible proxy – secure without the hassle.

Feature Highlights

✓Universal SaaS coverage

✓Rule-based enforcement

✓Zero user friction

✓Real-time logs

✓Enterprise roles

Social Proof (Placeholders)

"'Secured legacy tools overnight.' - Security Officer"

"'No more permission blind spots.' - IT Manager"

First Three Customers

Launch extension on Chrome Web Store beta, promote in security Slack groups, comp free Pro to first 3 teams verifying 10+ SaaS and pain via Zoom call.

Launch Channels

Product Huntr/cybersecurityChrome Web StoreTwitter #ZeroTrust

SEO Keywords

saas permission proxygranular access control saasrbac proxy toolzero trust saas gatewayenforce permissions legacy saas

Competitive Analysis

Cloudflare Access

cloudflare.com/access

Usage-based enterprise

Strength

Scalable proxy

Weakness

Not RBAC-focused, complex setup

Our Advantage

SaaS-specific RBAC at fixed $35

🏰 Moat Strategy

Speed via pre-built SaaS rule templates.

⏰ Why Now?

Zero-trust mandates growing, but 70% SaaS lacks native granular controls.

Risks & Mitigation

technicalhigh severity

Proxy performance latency

Mitigation

Edge deployment, caching

marketmedium severity

Extension adoption low

Mitigation

Mandatory policy mode

Validation Roadmap

pre-build10 days

Proxy PoC demo to 8 admins

Success: 5 WOYLP commitments

mvp25 days

Ext + 3 rules, 20 users

Success: 15 daily actives

Pivot Options

→Full VPN pivot
→API-only proxy
→Focus on one vertical

Quick Stats

Build Time

115h

Target MRR (6 mo)

$2,500

Market Size

$6000.0M

Features

Database Tables

API Endpoints

View Pain Research →

PermaProxy

The Opportunity

Problem

Solution

Target Audience

Differentiator

Brand Voice

Features

Proxy Dashboard

Rule Engine

Browser Extension

Access Logs

Role Mapping

Zero-Trust Mode

Analytics Reports

Team Sharing

Custom JS Rules

Database Schema

organizations

policies

access_logs

API Endpoints

Tech Stack

Build Timeline

Week 1: Core proxy logic

Week 2: Dashboard and rules UI

Week 3: Extension

Week 4: Features and payments

Week 5: Polish

Pricing Tiers

Free

Pro

Enterprise

Revenue Projections

Unit Economics

Landing Page Copy

Proxy Permissions Where SaaS Falls Short

Feature Highlights

Social Proof (Placeholders)

First Three Customers

Launch Channels

SEO Keywords

Competitive Analysis

Cloudflare Access

🏰 Moat Strategy

⏰ Why Now?

Risks & Mitigation

Validation Roadmap

Proxy PoC demo to 8 admins

Ext + 3 rules, 20 users

Pivot Options

Quick Stats

Related Solution Ideas

CabalFinder

CabalVault

CabalEcho

WorthAI (worthai.com available)

EdgeBench (edgebench.com available)

FairPriceAI (fairpriceai.com available)