What is Role-Based Access Control (RBAC)?

by Paul Davies

Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) is an access control mechanism that assigns permissions to users based on their role within an organisation.

Rather than having permissions managed for each individual, users are assigned predefined roles that dictate which resources they can access and which actions they can perform (such as reading files, editing documents, or administering systems). RBAC simplifies access management, enforces the principle of least privilege, and ensures consistency in access policies.

For example, a “Salesperson” role might have access to customer data, while a “Manager” role may have broader access, including financial records.
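
The Salesperson and Manager roles above, sketched as an added example (not code from the original page) with a deny-by-default check. The user names `alice` and `bob`, the permission tuples, and modelling the Manager's broader access as inheritance from Salesperson are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class RBAC:
    # role -> set of (resource, action) permissions granted directly to that role
    role_perms: dict = field(default_factory=dict)
    # role -> set of parent roles whose permissions it inherits
    role_parents: dict = field(default_factory=dict)
    # user -> set of assigned roles (users never hold permissions directly)
    user_roles: dict = field(default_factory=dict)

    def add_role(self, role, perms=(), inherits=()):
        self.role_perms[role] = set(perms)
        self.role_parents[role] = set(inherits)

    def assign(self, user, role):
        if role not in self.role_perms:
            raise KeyError(f"unknown role: {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def effective_perms(self, user):
        """Union of permissions over the user's roles and all inherited roles."""
        perms, seen = set(), set()
        stack = list(self.user_roles.get(user, ()))
        while stack:
            role = stack.pop()
            if role in seen:  # guards against inheritance cycles
                continue
            seen.add(role)
            perms |= self.role_perms.get(role, set())
            stack.extend(self.role_parents.get(role, ()))
        return perms

    def is_allowed(self, user, resource, action):
        # Deny by default: unknown users, roles or permissions yield False.
        return (resource, action) in self.effective_perms(user)


def build_example():
    # Constructed sample data: role names from the text, users are hypothetical.
    rbac = RBAC()
    rbac.add_role("Salesperson", {("customer_data", "read")})
    rbac.add_role("Manager", {("financial_records", "read")}, inherits={"Salesperson"})
    rbac.assign("alice", "Salesperson")
    rbac.assign("bob", "Manager")
    return rbac
```

Because permissions attach only to roles, changing what a role grants changes access for every user holding that role (directly or through inheritance) in one place.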