RBAC Overview
Overview
Role-Based Access Control (RBAC) assigns permissions to users according to their roles. Casbin implements RBAC with support for role hierarchies, domains, and conditions.
RBAC in Casbin
- Basic RBAC — Role hierarchies and user–role assignments
- RBAC with pattern — Pattern matching for flexible role assignment
- RBAC with domains — Multi-tenancy with per-domain roles
- RBAC with conditions — Conditional logic in role-based permissions
- RBAC96 — Alignment with the NIST RBAC96 model
Getting started
- Define the role hierarchy and request/policy shape in the model.
- Assign users to roles (and optionally resources to roles) in policy.
- Use the RBAC API to manage roles and check permissions.
See the sections below for each variant and implementation details.