Defining the authorization scheme

In most cases, you want to restrict authenticated users from accessing every part of an application. You can implement authorization features that ensure users can access only the user interfaces and data that they are authorized to access. The Pega Platform provides a complementary set of access control features called Role-based access control and Attribute-based access control.

Another access control capability in Pega is Client-based access control (CBAC). This is more focused on tracking and processing requests to view, update or remove personal Customer data held across your Pega applications, such as that required by EU GDPR (and similar) regulations. In itself, it doesn’t influence the authorization considerations for lead system architects when designing a Pega application, and is not discussed further in this module.

Advanced

Inglês

Depois de concluir este módulo, você deverá ser capaz de:

Compare role and attribute based access control

Identify and configure roles and access groups for an application

Determine the appropriate authorization model for a given use case

Determine the rule security mode

Disponível na seguinte missão:

Lead System Architect v1

Tópicos

Authorization design considerations

5 min

Authorization models

15 min

Roles dependency hierarchy

10 min

Application roles and access groups

15 min

Authorization policy configuration

5 min

Rule security mode

5 min

Quiz do módulo

5 min