diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java
new file mode 100644
index 000000000..c79c7b513
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IPersistentEntityTupple.java
@@ -0,0 +1,14 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.service;
+
+import java.io.Serializable;
+
+/**
+ * Will be used as a key for PersmissionEvaluator return types
+ */
+public interface IPersistentEntityTupple extends Serializable {
+
+    String getId();
+
+    Class getType();
+
+}
diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java
new file mode 100644
index 000000000..2482f34fd
--- /dev/null
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/security/service/IShibUiPermissionEvaluator.java
@@ -0,0 +1,22 @@
+package edu.internet2.tier.shibboleth.admin.ui.security.service;
+
+import org.springframework.security.access.PermissionEvaluator;
+import org.springframework.security.core.Authentication;
+
+import java.util.Collection;
+import java.util.Map;
+
+public interface IShibUiPermissionEvaluator extends PermissionEvaluator {
+
+    Collection getPersistentEntitiesWithPermission(Authentication authentication, Object permission);
+
+    /**
+     * Get ALL persistent entities that user has access to
+     * @param authentication
+     * @return
+     */
+    Map<IPersistentEntityTupple, Object> getPersistentEntities(Authentication authentication);
+
+    Map<IPersistentEntityTupple, Object> getPersistentEntities(Authentication authentication, Class clazz);
+    
+}