What is RBAC (Role-Based Access Control)?

Abbreviation: RBAC

Role-Based Access Control assigns permissions to roles (admin / member / guest) rather than individuals. osFoundry workspaces have RBAC with a separate `can_manage_security` flag gating sensitive routes.

Detail

RBAC simplifies permission management at scale. Define roles once with bundled permissions; assign roles to users. Common roles: admin, member, guest. More granular schemes (RBAC + ABAC) add per-resource access rules.

RBAC is essential for teams >5 people and required by most compliance regimes.

How osFoundry approaches RBAC (Role-Based Access Control)

osFoundry’s RBAC scopes to workspace, channel, agent, and app. The separate `can_manage_security` flag means a workspace admin can be created without giving them access to security-sensitive routes.

Related terms

sso
audit-log

Related features

rbac
enterprise-security