Skip to main contentOverview
A Role defines a set of permissions that can be assigned to users. The Roles API enables role-based access control (RBAC) through:
- Role management (create, read, update, delete)
- User-role assignments
- Permission control
- Role hierarchies
Core Concepts
Role Types
- Administrator: Full system access
- Standard User: Basic permissions
- Custom roles: Tailored access levels
Permissions
- C: Create
- R: Read
- U: Update
- D: Delete
- A: All-Records
System Roles
- Cannot be modified or deleted
- Have predefined permissions
- Example:
administrator, user
Security Considerations
- Role modification requires elevated privileges
- System roles cannot be modified or deleted
- Role names must follow security guidelines
- Permission changes are audited
- Role assignments are validated
