Define scope for Roles
LoopBack allows you to define various user roles based on your requirements. It supports both static and dynamic roles. Static roles are stored in a data source and are mapped to users. In contrast, dynamic roles aren’t assigned to users and are determined during access.
Multi-Tenant Roles
An orgAdmin-like role is required for access over REST to allow the administrative actions needed for any particular organization: APIs to manage/invite other users, profile and payments configurations, and deciding hierarchical powers.
Hopefully, it makes sense naturally that such actions should only be allowed for an organization's administrators.
An orgUser role is required for accessing other basic APIs which help an organization execute properly.
Built-In Roles
LoopBack enables you to define dynamic roles that are resolved at run time.
LoopBack provides the following built-in dynamic roles:
$owner - Owner of the object
$authenticated - Authenticated user
$unauthenticated - Unauthenticated user
$everyone - Everyone
Define a Custom Role
You can create custom roles through boot scripts.
Here's an example of creating a custom role:
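The following is an added example, not code from the original page or from the LoopBack project: a LoopBack 3-style boot script that registers the orgAdmin and orgUser roles described above as dynamic roles with Role.registerResolver, scoped to the organization being accessed. The Organization and Membership model names, the Membership fields (orgId, userId, role) and the 'admin'/'member' values are assumptions made for illustration.

```javascript
// Boot script sketch, e.g. server/boot/org-roles.js (hypothetical file name).
// Assumed schema: a Membership model with { orgId, userId, role } rows that
// link users to organizations. Adjust names to your own models.
function registerOrgRoles(app) {
  const Role = app.models.Role;
  const Membership = app.models.Membership; // hypothetical model

  // Registers a dynamic role that is granted only when the caller holds one
  // of the `allowed` membership roles in the organization being accessed.
  function orgRole(roleName, allowed) {
    Role.registerResolver(roleName, function (role, context, cb) {
      const deny = () => cb(null, false); // fail closed on every doubt

      // No access token means an anonymous caller.
      const userId = context.accessToken && context.accessToken.userId;
      if (!userId) return deny();

      // Only resolve for a specific Organization instance. Without an id
      // there is no tenant to check membership against, so deny.
      if (context.modelName !== 'Organization' || !context.modelId) {
        return deny();
      }

      // Tenant isolation: membership is looked up for *this* organization,
      // so an admin of one organization gains nothing in another.
      Membership.count(
        { orgId: context.modelId, userId: userId, role: { inq: allowed } },
        (err, n) => (err ? cb(err) : cb(null, n > 0))
      );
    });
  }

  orgRole('orgAdmin', ['admin']);           // administrative APIs
  orgRole('orgUser', ['admin', 'member']);  // basic organization APIs
}

// LoopBack loads boot scripts through module.exports.
if (typeof module !== 'undefined') module.exports = registerOrgRoles;

// In the model's ACLs, reference the role with
// principalType "ROLE" and principalId "orgAdmin" (or "orgUser").
```

Pair the ALLOW entries for these roles with a DENY entry for $everyone so that requests matching no role are rejected.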