Back to Policy

Access Control

Configure RBAC and ABAC access controls.

Role-Based Access Control (RBAC)

Define roles and assign them to users or groups:

  • Admin: Full access to all features
  • Editor: Can edit metadata and policies
  • Viewer: Read-only access to catalog

Attribute-Based Access Control (ABAC)

Use user attributes for fine-grained access:

{
  "condition": "user.department == 'Engineering' AND asset.sensitivity != 'Confidential'",
  "effect": "allow"
}

Integration with SSO

User attributes are synced from your identity provider via SCIM.