Skip to main content

Role-based access control

What role-based access control means

Role-based access control (RBAC) is a concept for user management, where you control the rights of your users by grouping certain sets of permissions under roles. These roles define what the users are able to access and do. By assigning the appropriate roles to the users you control the set of actions they are allowed to complete when using an application.

When setting up for this type of user management, the first step is to understand and analyze the users' activities. After the analyses you will group them based on commonalities in their responsibilities. You then define permissions and group them under roles. Finally you assign the roles to users.

The benefits of RBAC

RBAC gives you the following benefits:

  • Overall, it simplifies user access management, as you no longer need to set permissions individually by user.
  • Comply with confidentiality and privacy related regulations and statutory requirements.
  • Make adding, changing roles and implementing them faster.
  • Manage the privileges of your users a much simpler way.
  • Simplify correcting of issues.
  • Reduce errors related to permissions.
  • Manage users systematically using repeatable permissions assignment.
  • Integrate third-party users using pre-defined roles.
  • Amend roles to bulk-assign new permissions to existing applications, instead of assigning them individually to each user.

Role-based access control with Identity Cloud

With Identity Cloud, you can manage the permissions of your users, by assigning roles to them, with role-based access control. The permission determines the name of a granular right within one of your applications and is associated with only one application at a time.

Roles are sets of permissions, and you manage the permissions of your users by assigning roles to them.

You can learn more about this under the Permissions concept chapter.

Example use case

A short term rental management company has customers, the people whose properties they manage; and partners, who take care of and tend to the properties.

This real estate management company has native apps (Android and iOS) and web apps. It also provides further services, such as interior design for those who rent the properties unfurnished. They also streamline their support and integrate with Zendesk, using its widget on their sites for a more seamless customer support experience.

As they have multiple user groups who each need different permissions and accesses, RBAC with Identity Cloud helps simplify and streamline the identity and access management for them.

Check out our step-by-step of how this example rental management company can setup for success using role-based access management using Identity Cloud in our example case here.