13.1 RBAC model: users, groups, and roles

There are four pre-defined Groups in MultiBaas:

  • Administrators: Administrators of the system who are expected to maintain MultiBaas for your organization, add and remove users, as well as configure blockchain and API related system settings
  • View-Only Administrators: Administrators of the system who are expected to review or audit the state of the system but not take any actions that modify it
  • Internal Users: Your employees who may use one or more features in the control panel or API but will not add or remove users from the system
  • External Clients: Your customers who's information you wish to save for the purposes of associating with blockchain accounts, for example for legal compliance reasons, who are not expected to log into MultiBaas directly

And five pre-defined Roles:

  • Login: the ability to log into the MultiBaas control panel
  • Administration Edit: full read / write access to all resources
  • Administration View: read access to all resources
  • Operator Edit: read / write access to certain resources
  • Operator View: read access to certain resources