Role-based access control
MultiBaas uses a rudimentary three-part role-based access control (RBAC) model for controlling access to MultiBaas resources. The access control tools in MultiBaas pertain only to the MultiBaas software and do not extend to restricting or allowing access to public blockchains. Access to public blockchains will always be controlled by their native accounts (public/private key pairs) and the deployed smart contracts on the network.
The current permission model should be sufficient for the expected uses of MultiBaas; however, future development will allow more fine-grained permission control. Please contact us if you have any questions about or requests for your planned MultiBaas implementation.
Users
Users of MultiBaas are identified by their email address and can perform various actions within the system. User accounts are primarily for:
- Interacting with MultiBaas via the web UI
- Controlling access to the API
- Managing the relationship between your customer accounts and their blockchain data
Pre-defined Groups
There are four pre-defined Groups in MultiBaas:
- Administrators: Administrators of the system who are expected to maintain MultiBaas for your organization, add and remove users, and configure blockchain- and API-related system settings
- View-Only Administrators: Administrators of the system who are expected to review or audit the state of the system but not take any actions that modify it
- Internal Users: Your employees who may use one or more features in the control panel or API but will not add or remove users from the system
- External Clients: Your customers whose information you wish to save in order to associate it with blockchain accounts, for example for legal compliance reasons, and who are not expected to log into MultiBaas directly
Pre-defined Roles
There are five pre-defined Roles:
- Login: the ability to log into the MultiBaas control panel
- Administration Edit: full read/write access to all resources
- Administration View: read access to all resources
- Operator Edit: read/write access to certain resources
- Operator View: read access to certain resources