Roles and Permissions
Modernbanc has a universal granular permission system across all our models to fit any organization regardless of size.
What are roles?
Access to both the Modernbanc API and UI is regulated through roles. Each API key and workspace membership is linked to a specific role.
Roles are defined by a mix of functionalities (such as accounts, entities), permissions (like create, update), and filters (like where environment_id = 'uuid'). This structure allows for precise access control.
Permission filters within a role can range from broad, covering the entire workspace, to highly specific, targeting individual object fields (for example, environment_id).
Modernbanc permissions are object-based, which means GET workspace permission will only let you view Workspace object
rather than everything in the workspace. If you want to access objects within the workspace you’d need a permission
for that model e.g GET account or CREATE transaction.
Workspace Defaults
Upon creation, every workspace is equipped with nine predefined roles. Three foundational roles - Admin, Developer, and Viewer - provide comprehensive access across the workspace. The remaining six roles, including Admin - Test, Admin - Live, Viewer - Test, Viewer - Live, Developer - Test, and Developer - Live, offer tailored access based on the environment.
Create Roles
Roles can be created and modified in the UI or API. The simplest way to create a role is to use the UI.
- Navigate to the
Settingstab in the navigation dropdown or by pressingGand thenS. - Navigate to the
Rolestab in the navigation dropdown or by pressingGand thenR. - Click the
Createbutton in the upper right corner.
- Enter a name for the Role.
- Select the permissions you want by clicking the
Addbutton. - For each selected permission, choose the type of access to grant (
get,create,update,...). - Optionally add filters on permissions to restrict access further. A standard filter is
environment_idto restrict access to a specific environment. - Click the
Createbutton.