Role-based access control allows or restricts user access to data based solely on the user’s role within the organization. Role-based access control (RBAC) is a method for controlling what users are able to do within a company’s IT systems. RBAC accomplishes this by assigning one or more “roles” to each user, and giving each role different permissions. RBAC can be applied for a single software application or across multiple applications.
Think of a house where several people live. Each resident gets a copy of the key that opens the front door: they do not receive differently designed keys that all open the front door. If they need to access another part of the property, such as the storage shed in the backyard, they may receive a second key. No residents receive a unique key for the shed, or a special key that opens both the shed and the front door.
In RBAC, the roles are static, like the keys to the house in the example above. They are the same for whoever has them, and anyone who needs more access gets assigned an additional role (or a second key), instead of getting customized permissions. Learn more in the Cloudflare Learning Center.
Knowledge in Action
Sign up for Cloudflare today and put your knowledge to use.
