Role-Based Access Control (RBAC): Permissions vs. Roles
Once we’ve determined that a user is who they say they are (authentication), we next need to determine whether they can access the page or resource they’re trying to access (authorization). Role-Based Access Control (RBAC) is one of the most common ways enterprise software accomplishes this. It is highly flexible and allows for any number of configurations.