Skip to main content

One doc tagged with "policy templates"

View all tags

Authorization Policies

Authorization policies provide a rule-based layer of access control that sits alongside the role hierarchy and permissions system. Policies define explicit PERMIT or FORBID rules for specific principals performing specific actions on specific resources. They are particularly useful for fine-grained exceptions — granting or denying access that does not fit neatly into the role-based model.