Skip to main content

3 docs tagged with "authorization"

View all tags

Authorization (HRM)

Authorization (HRM) defines Raytio's access control model. It covers user roles, role hierarchy, permissions, authorization policies, relationship-based access, and menu visibility.

Authorization Model Overview

Raytio's authorization model combines role-based permissions, relationship-based access, policy exceptions, and menu visibility. Together these controls determine what a user can do, which records they can access, and which actions appear in the interface.

Authorization Policies

Authorization policies provide a rule-based layer of access control that sits alongside the role hierarchy and permissions system. Policies define explicit PERMIT or FORBID rules for specific principals performing specific actions on specific resources. They are particularly useful for fine-grained exceptions — granting or denying access that does not fit neatly into the role-based model.