Role-Based Access Control (RBAC)
KoreShield provides a built-in RBAC system for managing who can access what within your deployment. RBAC is managed through the dashboard for hosted customers.
Built-in Roles
| Role | Description |
|---|---|
owner | Full access, can manage all resources |
admin | Administrative access, can manage users and config |
editor | Can modify rules, policies, and configurations |
viewer | Read-only access to dashboards and reports |
security_analyst | Access to security events, alerts, and analytics |
Permission Categories
Permissions are organized by category:
- security: view threats, manage rules, configure detection
- management: manage users, roles, API keys
- analytics: view dashboards, run reports
- system: server configuration, provider management
User Statuses
active: user can log in and access resourcesinactive: user account is disabledpending: user has been invited but has not accepted
Related Docs
- REST API for authentication details