diff --git a/meson.build b/meson.build
index fd14cab..d58714e 100644
--- a/meson.build
+++ b/meson.build
@@ -47,6 +47,15 @@ gio_dep = dependency('gio-2.0', version: '>=' + glib_min_version)
 gio_unix_dep = dependency('gio-unix-2.0', version: '>=' + glib_min_version)
 m_dep = cc.find_library('m', required: true)
 
+polkit = dependency('polkit-gobject-1', version: '>= 0.103')
+if polkit.found()
+  cdata.set('HAVE_POLKIT', '1')
+  if polkit.version().version_compare('>= 0.114')
+    cdata.set('HAVE_POLKIT_0_114', '1')
+  endif
+  cdata.set_quoted ('POLKIT_ACTIONDIR', polkit.get_variable(pkgconfig: 'actiondir'))
+endif
+
 xsltproc = find_program('xsltproc', disabler: true, required: get_option('gtk-doc') or get_option('man'))
 
 # Resolve OS backend
@@ -130,7 +139,7 @@ pkgconfig.generate(
     description: 'UPower is a system daemon for managing power devices',
     version: meson.project_version(),
     libraries: libupower_glib,
-    requires: [glib_dep, gobject_dep],
+    requires: [glib_dep, gobject_dep, polkit],
     subdirs: 'libupower-glib',
 )
 
diff --git a/src/meson.build b/src/meson.build
index 3bcde1a..e4ed974 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -6,7 +6,7 @@ upowerd_deps = declare_dependency(
         include_directories('../dbus'),
     ],
     dependencies: [
-        m_dep, glib_dep, gobject_dep, gio_dep, gio_unix_dep, libupower_glib_dep, upowerd_dbus_dep
+        m_dep, glib_dep, gobject_dep, gio_dep, gio_unix_dep, libupower_glib_dep, upowerd_dbus_dep, polkit
     ],
     compile_args: [
         '-DUP_COMPILATION',
@@ -46,6 +46,8 @@ upowerd_private = static_library('upowerd-private',
         'up-native.h',
         'up-common.h',
         'up-common.c',
+        'up-polkit.c',
+        'up-polkit.h',
     ],
     dependencies: [ upowerd_deps ],
     c_args: [ '-DG_LOG_DOMAIN="UPower"' ],
diff --git a/src/up-daemon.c b/src/up-daemon.c
index 82c8b48..624b177 100644
--- a/src/up-daemon.c
+++ b/src/up-daemon.c
@@ -30,6 +30,7 @@
 
 #include "up-config.h"
 #include "up-constants.h"
+#include "up-polkit.h"
 #include "up-device-list.h"
 #include "up-device.h"
 #include "up-backend.h"
@@ -39,6 +40,7 @@ struct UpDaemonPrivate
 {
 	UpConfig		*config;
 	gboolean		 debug;
+	UpPolkit		*polkit;
 	UpBackend		*backend;
 	UpDeviceList		*power_devices;
 	guint			 action_timeout_id;
@@ -1067,6 +1069,7 @@ up_daemon_init (UpDaemon *daemon)
 	daemon->priv = up_daemon_get_instance_private (daemon);
 
 	daemon->priv->critical_action_lock_fd = -1;
+	daemon->priv->polkit = up_polkit_new ();
 	daemon->priv->config = up_config_new ();
 	daemon->priv->power_devices = up_device_list_new ();
 	daemon->priv->display_device = up_device_new (daemon, NULL);
@@ -1152,6 +1155,7 @@ up_daemon_finalize (GObject *object)
 
 	g_object_unref (priv->power_devices);
 	g_object_unref (priv->display_device);
+	g_object_unref (priv->polkit);
 	g_object_unref (priv->config);
 	g_object_unref (priv->backend);
 
diff --git a/src/up-daemon.h b/src/up-daemon.h
index e36663b..29de7ba 100644
--- a/src/up-daemon.h
+++ b/src/up-daemon.h
@@ -22,6 +22,8 @@
 #define __UP_DAEMON_H__
 
 #include <dbus/up-daemon-generated.h>
+#include <polkit/polkit.h>
+
 #include "up-types.h"
 #include "up-device-list.h"
 
diff --git a/src/up-device.h b/src/up-device.h
index 92480c9..786dfe5 100644
--- a/src/up-device.h
+++ b/src/up-device.h
@@ -23,6 +23,7 @@
 #define __UP_DEVICE_H__
 
 #include <dbus/up-device-generated.h>
+#include <polkit/polkit.h>
 #include "up-daemon.h"
 
 G_BEGIN_DECLS
diff --git a/src/up-polkit.c b/src/up-polkit.c
new file mode 100644
index 0000000..729a739
--- /dev/null
+++ b/src/up-polkit.c
@@ -0,0 +1,191 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2008 David Zeuthen <davidz@redhat.com>
+ * Copyright (C) 2008 Richard Hughes <richard@hughsie.com>
+ *
+ * Licensed under the GNU General Public License Version 2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#  include <config.h>
+#endif
+
+#include <glib.h>
+
+#include <polkit/polkit.h>
+
+#include "up-polkit.h"
+#include "up-daemon.h"
+
+#define UP_POLKIT_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), UP_TYPE_POLKIT, UpPolkitPrivate))
+
+struct UpPolkitPrivate
+{
+	GDBusConnection	*connection;
+	PolkitAuthority		*authority;
+};
+
+G_DEFINE_TYPE (UpPolkit, up_polkit, G_TYPE_OBJECT)
+static gpointer up_polkit_object = NULL;
+
+/**
+ * up_polkit_get_subject:
+ **/
+PolkitSubject *
+up_polkit_get_subject (UpPolkit *polkit, GDBusMethodInvocation *invocation)
+{
+	g_autoptr (GError) error = NULL;
+	const gchar *sender;
+	g_autoptr (PolkitSubject) subject = NULL;
+
+	sender = g_dbus_method_invocation_get_sender (invocation);
+	subject = polkit_system_bus_name_new (sender);
+
+	if (subject == NULL) {
+		error = g_error_new (UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL, "failed to get PolicyKit subject");
+		g_dbus_method_invocation_return_error (invocation,
+						       UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL,
+						       "failed to get Polkit subject: %s", error->message);
+	}
+
+	return g_steal_pointer (&subject);
+}
+
+/**
+ * up_polkit_check_auth:
+ **/
+gboolean
+up_polkit_check_auth (UpPolkit *polkit, PolkitSubject *subject, const gchar *action_id, GDBusMethodInvocation *invocation)
+{
+	g_autoptr (GError) error = NULL;
+	g_autoptr (GError) error_local = NULL;
+	g_autoptr (PolkitAuthorizationResult) result = NULL;
+
+	/* check auth */
+	result = polkit_authority_check_authorization_sync (polkit->priv->authority,
+							    subject, action_id, NULL,
+							    POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+							    NULL, &error_local);
+	if (result == NULL) {
+		error = g_error_new (UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL, "failed to check authorisation: %s", error_local->message);
+		g_dbus_method_invocation_return_gerror (invocation, error);
+		return FALSE;
+	}
+
+	/* okay? */
+	if (polkit_authorization_result_get_is_authorized (result)) {
+		return TRUE;
+	} else {
+		error = g_error_new (UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL, "not authorized");
+		g_dbus_method_invocation_return_gerror (invocation, error);
+	}
+	return FALSE;
+}
+
+/**
+ * up_polkit_is_allowed:
+ **/
+gboolean
+up_polkit_is_allowed (UpPolkit *polkit, PolkitSubject *subject, const gchar *action_id, GError **error)
+{
+	gboolean ret = FALSE;
+	g_autoptr (GError) error_local = NULL;
+	g_autoptr (PolkitAuthorizationResult) result = NULL;
+
+	/* check auth */
+	result = polkit_authority_check_authorization_sync (polkit->priv->authority,
+							    subject, action_id, NULL,
+							    POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+							    NULL, &error_local);
+	if (result == NULL) {
+		if (error_local != NULL)
+			g_set_error (error, UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL, "%s", error_local->message);
+		else
+			g_set_error (error, UP_DAEMON_ERROR, UP_DAEMON_ERROR_GENERAL, "failed to check authorization");
+		return FALSE;
+	}
+
+	ret = polkit_authorization_result_get_is_authorized (result) ||
+	      polkit_authorization_result_get_is_challenge (result);
+
+	return ret;
+}
+
+/**
+ * up_polkit_finalize:
+ **/
+static void
+up_polkit_finalize (GObject *object)
+{
+	g_autoptr (GError) error = NULL;
+	UpPolkit *polkit;
+	g_return_if_fail (UP_IS_POLKIT (object));
+	polkit = UP_POLKIT (object);
+
+	if (polkit->priv->connection != NULL)
+		g_object_unref (polkit->priv->connection);
+
+	g_object_unref (polkit->priv->authority);
+
+	G_OBJECT_CLASS (up_polkit_parent_class)->finalize (object);
+}
+
+/**
+ * up_polkit_class_init:
+ **/
+static void
+up_polkit_class_init (UpPolkitClass *klass)
+{
+	GObjectClass *object_class = G_OBJECT_CLASS (klass);
+	object_class->finalize = up_polkit_finalize;
+}
+
+/**
+ * up_polkit_init:
+ *
+ * initializes the polkit class. NOTE: We expect polkit objects
+ * to *NOT* be removed or added during the session.
+ * We only control the first polkit object if there are more than one.
+ **/
+static void
+up_polkit_init (UpPolkit *polkit)
+{
+	g_autoptr (GError) error = NULL;
+
+	polkit->priv = up_polkit_get_instance_private (polkit);
+
+	polkit->priv->authority = polkit_authority_get_sync (NULL, &error);
+	if (polkit->priv->authority == NULL)
+		g_error ("failed to get polkit authority: %s", error->message);
+}
+
+/**
+ * up_polkit_new:
+ * Return value: A new polkit class instance.
+ **/
+UpPolkit *
+up_polkit_new (void)
+{
+	if (up_polkit_object != NULL) {
+		g_object_ref (up_polkit_object);
+	} else {
+		up_polkit_object = g_object_new (UP_TYPE_POLKIT, NULL);
+		g_object_add_weak_pointer (up_polkit_object, &up_polkit_object);
+	}
+	return UP_POLKIT (up_polkit_object);
+}
+
diff --git a/src/up-polkit.h b/src/up-polkit.h
new file mode 100644
index 0000000..fa3a4f1
--- /dev/null
+++ b/src/up-polkit.h
@@ -0,0 +1,73 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*-
+ *
+ * Copyright (C) 2008 Richard Hughes <richard@hughsie.com>
+ *
+ * Licensed under the GNU General Public License Version 2
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#ifndef __UP_POLKIT_H
+#define __UP_POLKIT_H
+
+#include <glib-object.h>
+#include <polkit/polkit.h>
+
+G_BEGIN_DECLS
+
+#define UP_TYPE_POLKIT		(up_polkit_get_type ())
+#define UP_POLKIT(o)		(G_TYPE_CHECK_INSTANCE_CAST ((o), UP_TYPE_POLKIT, UpPolkit))
+#define UP_POLKIT_CLASS(k)	(G_TYPE_CHECK_CLASS_CAST((k), UP_TYPE_POLKIT, UpPolkitClass))
+#define UP_IS_POLKIT(o)		(G_TYPE_CHECK_INSTANCE_TYPE ((o), UP_TYPE_POLKIT))
+#define UP_IS_POLKIT_CLASS(k)	(G_TYPE_CHECK_CLASS_TYPE ((k), UP_TYPE_POLKIT))
+#define UP_POLKIT_GET_CLASS(o)	(G_TYPE_INSTANCE_GET_CLASS ((o), UP_TYPE_POLKIT, UpPolkitClass))
+
+typedef struct UpPolkitPrivate UpPolkitPrivate;
+
+typedef struct
+{
+	GObject parent;
+	UpPolkitPrivate	*priv;
+} UpPolkit;
+
+typedef struct
+{
+	GObjectClass parent_class;
+} UpPolkitClass;
+
+GType		 up_polkit_get_type		(void);
+UpPolkit	*up_polkit_new			(void);
+
+PolkitSubject	*up_polkit_get_subject		(UpPolkit		*polkit,
+						 GDBusMethodInvocation	*context);
+gboolean	 up_polkit_check_auth		(UpPolkit		*polkit,
+						 PolkitSubject		*subject,
+						 const gchar		*action_id,
+						 GDBusMethodInvocation	*context);
+gboolean	 up_polkit_is_allowed		(UpPolkit		*polkit,
+						 PolkitSubject		*subject,
+						 const gchar		*action_id,
+						 GError		 	**error);
+gboolean         up_polkit_get_uid		(UpPolkit              *polkit,
+                                                 PolkitSubject          *subject,
+                                                 uid_t                  *uid);
+gboolean         up_polkit_get_pid		(UpPolkit              *polkit,
+                                                 PolkitSubject          *subject,
+                                                 pid_t                  *pid);
+
+G_END_DECLS
+
+#endif /* __UP_POLKIT_H */
+