Role Based Access Control (RBAC)


Map permissions to roles
User rights based on the allocated role or roles | Restricts user access to specific parts of the system based on roles and permissions | Ensures effective delegation of responsibilities | Prevents leakage of privileged business info

Roles provided at both account and unit level
Unit-level roles offer granular segregation of duties | Many roles are defined at the unit level, which keeps the model modular | Maps to the organization structure, where similar activities are done by different people for different business units

Self-managed RBAC
Account self-manages role administration

Enforced for all user actions using a role matrix
All unauthorized access blocked

Explicit role allocation - Default zero
Default access level for all users is zero, that is, no access at all
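
An added example, not part of the original page or the product's code, of a deny-by-default check against a role matrix with account-level and unit-level roles. All role, action and unit names are hypothetical.

```python
from dataclasses import dataclass, field

# Constructed role matrix: role -> actions it permits (hypothetical names).
ROLE_MATRIX = {
    "account_admin": {"manage_roles", "view_reports", "edit_records"},
    "unit_editor": {"view_reports", "edit_records"},
    "unit_viewer": {"view_reports"},
}
# Roles that apply across the whole account; all others are scoped to a unit.
ACCOUNT_LEVEL_ROLES = {"account_admin"}


@dataclass
class User:
    name: str
    # Default zero: a new user holds no roles at either level.
    account_roles: set = field(default_factory=set)
    unit_roles: dict = field(default_factory=dict)  # unit -> set of roles


def grant(user, role, unit=None):
    """Explicitly allocate a role; unknown or mis-scoped grants are rejected."""
    if role not in ROLE_MATRIX:
        raise ValueError(f"unknown role: {role}")
    if role in ACCOUNT_LEVEL_ROLES:
        if unit is not None:
            raise ValueError("account-level role cannot be scoped to a unit")
        user.account_roles.add(role)
    else:
        if unit is None:
            raise ValueError("unit-level role requires a unit")
        user.unit_roles.setdefault(unit, set()).add(role)


def is_allowed(user, action, unit):
    """Allow only if a role held at account level, or in this unit, permits it."""
    roles = user.account_roles | user.unit_roles.get(unit, set())
    return any(action in ROLE_MATRIX.get(role, ()) for role in roles)


if __name__ == "__main__":
    alice = User("alice")
    print(is_allowed(alice, "view_reports", "sales"))   # no roles yet
    grant(alice, "unit_editor", unit="sales")
    print(is_allowed(alice, "edit_records", "sales"))   # role held in sales
    print(is_allowed(alice, "edit_records", "finance")) # no role in finance
```
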

Broken access control is one of the OWASP Top 10 security concerns
In line with recommended global best practices