Skip to main content

Security

OutSystems

Role-based access control for IT users

OutSystems Platform has management consoles that make it easy to manage IT team permissions. A role specifies the permissions across the whole infrastructure, with five different levels:

  • No Access: the IT user does not have access to the environment.

  • List Applications: allows the user to see information about the application, for example; revealing the app's version.

  • Reuse and Monitor Applications: allows the user to open, debug and reuse functionality exposed by this application.

  • Change and Deploy Applications: allows the user to create, debug, change and deploy applications.

  • Full Control: allows the user to manage the environment settings, for example; creating database connections. 

When assigning users with a role, the user gets the permissions of that role. If that role only allows to list applications in the Development and Quality Assurance environment, the user is able to list all applications on these two environments.

The administrator can then fine-tune the permissions a user has by application. Doing it this way, security policies can be implemented with the principle of least privilege. 

  • Was this article helpful?