Roles in IAM
Once you have created your policies, you can create roles that use them. This lets you restrict specific resources to different roles.
Role
A role is a collection of permissions that are assigned to a user or a group of users within the product. A role defines what actions a user or group is allowed to perform within the product, such as creating or modifying resources, accessing data, or executing scripts.
Roles are often used to group users with similar responsibilities or access needs, and can be managed and organized using various tools and features within the product. By letting you define roles and assign them to users, the Accelerator platform helps ensure that access to resources and data is properly controlled and managed, and that data security and integrity are maintained.
Users can be assigned one or more roles within the product, depending on their responsibilities and access needs. By assigning roles to users, the root user can control the actions that users are allowed to perform, and ensure that access to resources and data is limited to those who need it.
There are multiple attributes offered by the platform to help you create roles. Here is a list of all the attributes of a role.
_id
This is the read-only, unique identifier of the role. Use this id to attach the role to a user.
name
The role name must be unique within an organization. It should be in camelCase format.
policies
This is an array of policy ids.
Example 1: a role named "StudentProfileAccess" for a Student Management System, giving "read" and "write" access to "firstName", "lastName" and "dob" of the object "Students".
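The sketch below is an added example, not the platform's own code or API: it models the role from Example 1 with the three attributes listed above, checks a role definition before it is created, and resolves a user's roles to a default-deny access decision. The policy layout (object, fields, actions), the sample ids, and the function names validate_role and is_allowed are assumptions made for illustration.

```python
import re

# Constructed sample data. Only _id, name and policies come from the page;
# the policy layout (object / fields / actions) and all ids are assumed.
POLICIES = {
    "pol-students-profile": {
        "object": "Students",
        "fields": {"firstName", "lastName", "dob"},
        "actions": {"read", "write"},
    },
}
ROLES = [{"_id": "role-001", "name": "StudentProfileAccess",
          "policies": ["pol-students-profile"]}]

# Letters and digits only, so camelCase names and the page's example name pass.
NAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9]*$")


def validate_role(role, existing_names, policies):
    """Return a list of problems with a role definition (empty list = OK)."""
    problems = []
    if not NAME_RE.match(role.get("name") or ""):
        problems.append("name must be one alphanumeric word")
    if role.get("name") in existing_names:
        problems.append("name already used in this organization")
    policy_ids = role.get("policies")
    if not isinstance(policy_ids, list):
        problems.append("policies must be an array of policy ids")
    else:
        # A dangling id silently grants nothing, or something else later.
        problems += [f"unknown policy id: {p}" for p in policy_ids
                     if p not in policies]
    return problems


def is_allowed(role_ids, action, obj, field, roles=ROLES, policies=POLICIES):
    """Default deny: allow only if a policy of an attached role grants it."""
    for role in roles:
        if role["_id"] not in role_ids:
            continue
        for pid in role["policies"]:
            pol = policies.get(pid)
            if (pol and pol["object"] == obj and field in pol["fields"]
                    and action in pol["actions"]):
                return True
    return False
```

Anything not explicitly granted by a policy attached to one of the user's roles is denied, which is the behaviour to verify when reviewing a new role.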