diff --git a/lib/mv/authorization/authorization.ex b/lib/mv/authorization/authorization.ex
new file mode 100644
index 0000000..23672f1
--- /dev/null
+++ b/lib/mv/authorization/authorization.ex
@@ -0,0 +1,30 @@
+defmodule Mv.Authorization do
+  @moduledoc """
+  Ash Domain for authorization and role management.
+
+  ## Resources
+  - `Role` - User roles that reference permission sets
+
+  ## Public API
+  The domain exposes these main actions:
+  - Role CRUD: `create_role/1`, `list_roles/0`, `update_role/2`, `destroy_role/1`
+
+  ## Admin Interface
+  The domain is configured with AshAdmin for management UI.
+  """
+  use Ash.Domain,
+    extensions: [AshAdmin.Domain, AshPhoenix]
+
+  admin do
+    show? true
+  end
+
+  resources do
+    resource Mv.Authorization.Role do
+      define :create_role, action: :create_role
+      define :list_roles, action: :read
+      define :update_role, action: :update_role
+      define :destroy_role, action: :destroy
+    end
+  end
+end