Guides
Go to payrails.com

User Management

Suggest Edits

Role-Based Access Control (RBAC)

Role-Based Access Control (RBAC) is a robust security model that organizes access permissions based on user roles. In RBAC, users are assigned specific roles, each with well-defined permissions. Rather than assigning permissions directly to individual users, access is governed through roles. This streamlined approach simplifies administration, enhances overall security, and ensures that users only possess the access necessary for their designated roles. This minimizes the risk of unauthorized actions, contributing to improved system management.

There are two primary methods through which users interact with the Payrails system. Users can utilize the merchant portal for tasks such as configuring workflows or gaining insights into executions and reports. Alternatively, they can interact programmatically via API and SDK. In both scenarios, user roles are assigned to the individuals managing user accounts or to the machines involved in machine-to-machine communication.

Best Practices

  • Least Privilege Principle: Assign the minimum necessary permissions to users based on their roles. This reduces the risk of unauthorized access and potential security breaches.
  • Regular Audits: Periodically review and update user roles and permissions to align with organizational changes. Remove unnecessary access for users who have changed roles or responsibilities.
  • Training: Provide training sessions for users on the assigned roles and the associated permissions. This ensures that everyone is aware of the actions they can perform within the system.

FAQ

Q: How can I request additional permissions for my role?
A: To request additional permissions, reach out to your administrator or the designated role manager. They can assess your request, considering the principle of least privilege, and make necessary adjustments if required.

Q: Can I have multiple roles assigned to my account?
A: No, each account is assigned a single role to maintain clarity and adhere to the principle of least privilege. If your responsibilities change, contact the administrator to reassess and adjust your role accordingly.

Q: What should I do if I suspect unauthorized access?
A: If you suspect unauthorized access or notice any unusual activity, immediately report it to your administrator. They will investigate the issue and take appropriate measures to secure the system.

Q: Are role changes effective immediately?
A: Yes, role changes take effect immediately upon assignment. However, it's recommended to log out and log back in to ensure the updated roles and permissions are applied consistently.

Q: How often should roles and permissions be audited?
A. Roles and permissions should be audited regularly, at least quarterly, or whenever there are organizational changes. Regular audits help ensure that access levels align with current business requirements and reduce security risks.

Q: Can I customize roles based on specific business needs?

A: No, the roles are predefined to maintain consistency and security. If you have specific access requirements, discuss them with your administrator, and they can assess whether adjustments are necessary within the existing role structure.

Q: Why am I getting 405 Not Allowed when accessing the portal via SSO (e.g. Okta)?
A: There is a known limitation with our portal which prevents direct connection from your SSO portal (e.g. Okta) to our portal. To access the portal with you SSO login, you need to access via the direct portal URL instead (e.g. https ://yourcompany.payrails.io/)

Updated 17 days ago