Role Based Access Control (RBAC)


Back


Definition
Role Based Access Control, or RBAC, is an access control model that assigns permissions based on a user’s role. Instead of setting permissions for each individual user, administrators define roles such as admin, manager, or viewer, then assign users to those roles.

Why it matters
RBAC matters because it makes access easier to manage and reduces the risk of users having permissions they do not need. It helps organizations protect sensitive systems, enforce least privilege, and keep access rules consistent.

Example use case
A company dashboard gives administrators full access, managers access to team reports, and employees access only to their own profile. Each user’s permissions are based on their assigned role.