Control what each user is permitted to use, view, or alter.
Authorization is the process of controlling what each user can use, view, or alter in the application.
Role-based authorization model
InterSystems uses a role-based authorization model; roles carry permissions, and users are assigned to roles. A user then has the cumulative permissions provided by all the roles to which the user belongs.
As a programmer, you are responsible for including the appropriate security checks within your code to make sure that a given user has permission to perform a given task. You can also temporarily give a user permissions for a specific task, using an option called role escalation
© 1997-2019 InterSystems Corporation, Cambridge, MA