Skip to main content

Security of OutSystems applications

OutSystems

Role-based access control for OutSystems applications

OutSystems supports role-based access control. Roles are created when a team designs an application, and it allows a team or individual to grant or deny access to screens or a specific functionality.

Create Roles

Teams create new roles in a visual way when developing an application. See below:

Once a role is in place a developer or other team member can restrict access to functionality based on that role.

In this example, the 'NetworkHome' page is only accessible to users with one of the roles checked. Users that try accessing this page and are not authorized, are redirected to the login page.

Teams can execute different logic according to the user role, such as displaying or hiding forms.

Manage permissions

Once an application is running, manage the users and permissions by using the back-office, or through APIs that are available to the developer team. 

User permissions are completely dynamic. It's possible to change the user permissions at runtime, without having to make any changes to the application.

A team can also work with the user management APIs to integrate with other authorization systems, or allow users to create accounts in a given app.