Authorization and Role-Based Access Controls

Learn about authorization and role-based access controls in our Rails application.

In most organizations, the authentication mechanism is driven by product and business concerns, and the decision around what method to use is typically easy to make. Authorization—the mapping of what users can perform what actions—is often much more complicated.

If we are building software to be used by employees of the company or a software-as-a-service product intended for knowledge workers, there will often be a myriad of features available, some of which control highly sensitive or potentially dangerous functions.

Get hands-on with 1200+ tech skills courses.