Introduction to data RBAC

Data role-based access control (data RBAC) is a security model that restricts user access to data based on the user's roles within an organization. With data RBAC, administrators can define scopes and assign them to users to help ensure that users can access only the necessary data for their job functions.

Data RBAC and feature RBAC are often used together to provide a comprehensive access control system. The differences are the following:

• Feature RBAC controls access to specific features or functionalities within a system. Feature RBAC determines which features are accessible to users based on their roles.

• Data RBAC controls access to specific data or information within a system. Data RBAC controls user access to view and modify data based on their roles.

For example, a user might be allowed to access a specific feature (feature RBAC) and within that feature, their access to specific data might be further restricted based on their role (data RBAC).

To understand how data RBAC works, see Overview of Data RBAC.

For information about the data RBAC impact on features, see Data RBAC impact on features.

To get started with configuring data RBAC, see Configure data RBAC.