Glossary
RBAC (Role-Based Access Control)
Access-control model where permissions are granted to roles, and users inherit permissions by being assigned to roles.
Definition
Role-Based Access Control is an authorization model where permissions to perform operations are assigned to roles (admin, manager, viewer, billing-admin, etc.) and users acquire those permissions by being assigned to one or more roles. Modern RBAC implementations layer in resource-scoped permissions (a user is admin of this project but viewer of that one), role hierarchies (manager inherits from viewer), and policy engines for attribute-based extensions (ABAC).
Why it matters
Most SaaS applications outgrow simple flat role lists by year two. Designing RBAC with roles as data (not enums), supporting custom roles and resource scoping, is what makes the system maintainable when enterprise customers ask for tenant-specific roles.
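The model described above (roles as data, role hierarchy, resource-scoped assignments), as an added sketch that is not code from this page's authors. All role, permission, user and resource names are constructed for illustration, and the `"*"` tenant-wide scope is an assumption of this example.

```python
# Roles are plain records (rows in a table in a real system), not an enum,
# so a tenant-specific custom role is just another entry.
# All names below are constructed for illustration.
ROLES = {
    "viewer":        {"inherits": [],          "permissions": {"project:read"}},
    "manager":       {"inherits": ["viewer"],  "permissions": {"project:update"}},
    "admin":         {"inherits": ["manager"], "permissions": {"project:delete", "member:manage"}},
    "billing-admin": {"inherits": [],          "permissions": {"invoice:read", "invoice:pay"}},
}

# Assignments bind (user, role) to a resource scope. "*" means tenant-wide
# (an assumption of this example).
ASSIGNMENTS = [
    ("alice", "admin", "project:apollo"),
    ("alice", "viewer", "project:zeus"),
    ("bob", "billing-admin", "*"),
]


def effective_permissions(role, roles=ROLES, _seen=None):
    """Permissions of a role plus everything it inherits; tolerates cycles."""
    seen = _seen if _seen is not None else set()
    if role in seen or role not in roles:  # cycle or unknown role grants nothing
        return set()
    seen.add(role)
    perms = set(roles[role]["permissions"])
    for parent in roles[role]["inherits"]:
        perms |= effective_permissions(parent, roles, seen)
    return perms


def is_allowed(user, permission, resource, assignments=ASSIGNMENTS, roles=ROLES):
    """Default deny: allow only if a role held on this resource (or tenant-wide) grants it."""
    for a_user, a_role, a_scope in assignments:
        if a_user == user and a_scope in (resource, "*"):
            if permission in effective_permissions(a_role, roles):
                return True
    return False
```

Because the check starts from the assignment scope and denies by default, being admin of one project grants nothing on another, and a misconfigured inheritance loop cannot hang the authorization path.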
See also
Multi-Tenancy
One software application serving many distinct customer organisations from shared infrastructure with isolated data.
SaaS (Software as a Service)
Software delivered over the internet on a subscription, typically multi-tenant and accessed via a browser or app.
SSO (Single Sign-On)
Authentication scheme that lets users sign in once with one identity provider and access many applications.