Role-based security

Grants permission to perform actions such as create a submission or edit an account.

Role-based security provides permission to perform an action based on a user’s role. Creating a submission and editing an account are examples of actions. Producers or auditors are examples of roles. Permissions and roles enforce role-based security.

Permissions

A permission is a granular task or ability to see or do something within PolicyCenter, such as create submissions or edit accounts. Generally, permissions are grouped together depending on usage. For example an underwriter would have the set of permissions that are necessary to perform underwriting work. This set of permissions define the user role of an underwriter. By grouping permissions into roles, a user’s authority can be precisely defined by a few assigned roles, rather than by a much larger list of permissions. Some permissions govern access to entire sections of the application. For example, only users with the Rule Admin role are granted the ability to access internal server and debugging tools. Other permissions govern more granular actions, such as the ability to view, edit, create, or bind a submission.

Roles

A role is a named collection of permissions and typically, maps to a job function or job title. For example, the producer role contains the set of permissions appropriate for someone who is a producer. For example, this role might have the create submissions or edit accounts permissions, but not the create users or possibly even the issue submissions permissions. Similarly, a producer clerical role might have only create submissions and not edit accounts. A user can have one or more roles, and must have at least one. The user is granted all of the permissions contained in any of the assigned roles. Roles provide the basic security that governs which actions the user can take within PolicyCenter.