Access control using roles
To control access to private or sensitive information on your portal, you may want to verify whether the user has the correct role. Examples of using roles in granting/denying digital access are:
- consumer versus health care professional at a pharmaceutical or hospital
- visitor versus confirmed customer at a customer services portal
- visitor versus paying subscriber for premium content
- retail customer versus corporate customer
- customer versus agent or employee
Traditional implementations perform the check using a named list of individuals, for example using Active Directory. Maintaining such a named list of users requires a lot of back office administration, is errorprone and does not always take leavers into account.