This section is a high-level explanation of the ScaffoldHub roles and permissions. For low-level and implementation details, refer to Architecture > Security.
validate permissions. On the backend, the validation happens on each endpoint.
To understand ScaffoldHub security, you must understand these concepts:
Permissions are very specific actions users can perform. Examples are customer create, audit log read, or user delete.
A role is a group of permissions. For example, an admin (role) can create users (permission), view audit logs (permission), etc.
Out-of-the-box ScaffoldHub has two roles:
. The idea is that you manually create more roles based on your business context.
Users, Workspaces (Tenants), and Roles
Users can have multiple roles in multiple tenants. For example, a user can be a viewer (role) and an entity editor (role) on Workspace A (workspace), and an admin (role) on Workspace B (workspace).
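The per-workspace role model described above, as an added example that is not ScaffoldHub's own code: the role names, permission identifiers, data shapes and the `hasPermission`/`assertPermission` helpers are assumptions made for illustration. It shows that a role held in one workspace grants nothing in another, and that a backend guard run on each endpoint denies by default.

```javascript
// Added illustration. Role names and permission ids are assumed,
// not ScaffoldHub's actual identifiers.
// A Map (not a plain object) so a role named "constructor" or "__proto__"
// can never resolve to something inherited from Object.prototype.
const ROLE_PERMISSIONS = new Map([
  ['admin', ['userCreate', 'userDelete', 'auditLogRead', 'customerCreate', 'customerRead']],
  ['entityEditor', ['customerCreate', 'customerRead']],
  ['viewer', ['customerRead']],
]);

// Constructed sample user: roles are stored per workspace (tenant).
const sampleUser = {
  id: 'user-1',
  tenants: [
    { tenantId: 'workspace-a', roles: ['viewer', 'entityEditor'] },
    { tenantId: 'workspace-b', roles: ['admin'] },
  ],
};

// Union of the permissions granted by the user's roles in ONE tenant only.
function permissionsFor(user, tenantId) {
  const memberships = (user && user.tenants) || [];
  const membership = memberships.find((t) => t.tenantId === tenantId);
  const granted = new Set();
  if (!membership) return granted; // not a member: no permissions
  for (const role of membership.roles || []) {
    // Unknown role names grant nothing (deny by default).
    for (const permission of ROLE_PERMISSIONS.get(role) || []) {
      granted.add(permission);
    }
  }
  return granted;
}

function hasPermission(user, tenantId, permission) {
  return permissionsFor(user, tenantId).has(permission);
}

// Backend-style guard, meant to run at the start of each endpoint handler.
// The tenant id must come from the request context being authorized.
function assertPermission(user, tenantId, permission) {
  if (!hasPermission(user, tenantId, permission)) {
    const err = new Error('Forbidden');
    err.code = 403;
    throw err;
  }
}
```
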
, we will have the following setup:
all the permissions
role has permission to