diff --git a/server/opts.go b/server/opts.go
index 30d6aa5d..4952881c 100644
--- a/server/opts.go
+++ b/server/opts.go
@@ -20,8 +20,26 @@ import (
 
 // For multiple accounts/users.
 type User struct {
-	Username string `json:"user"`
-	Password string `json:"password"`
+	Username    string        `json:"user"`
+	Password    string        `json:"password"`
+	Permissions Authorization `json:"permissions"`
+	MaxConns    int           `json:"max_connections"`
+	MaxSubs     int           `json:"max_subscriptions"`
+}
+
+// Authorization are the allowed subjects on a per
+// publish or subscribe basis.
+type Authorization struct {
+	pub *Permission `json:"publish"`
+	sub *Permission `json:"subscribe"`
+}
+
+// Permission is for describing the subjects and rate limits
+// that an account connection can publish or subscribe to and
+// what limits if any exist for message and/or byte rates.
+type Permission struct {
+	Subjects []string `json:"subjects"`
+	// FIXME(dlc) figure out rates.
 }
 
 // Options block for gnatsd server.
diff --git a/server/opts_test.go b/server/opts_test.go
index e83c279e..43b8326f 100644
--- a/server/opts_test.go
+++ b/server/opts_test.go
@@ -397,3 +397,11 @@ func TestMultipleUsersConfig(t *testing.T) {
 	}
 	processOptions(opts)
 }
+
+func TestAuthorizationConfig(t *testing.T) {
+	opts, err := ProcessConfigFile("./configs/authorization.conf")
+	if err != nil {
+		t.Fatalf("Received an error reading config file: %v\n", err)
+	}
+	processOptions(opts)
+}