Role-Permission Based Access

Defining our Permissions and Roles

ND004 C03 L04 A02.1 RBAC 1

Authorization in our Digital Sequence

ND004 C03 L04 A02.2 RBAC 1

Permissions in JWTs

Which permission is not included as a claim in the following JWT:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBEb2UiLCJyb2xlIjoicGhvdG9ncmFwaGVyIiwicGVybWlzc2lvbnMiOlsicG9zdDppbWFnZSIsImVkaXQ6aW1hZ2UiLCJnZXQ6aW1hZ2UiXX0.JxxxdRl8_FIAr76njWQwB2UC48irjWvmBHcLVp81qdk

Tip: use the JWT.io debugger to decode the token!

post:image

edit:image

delete:image

SOLUTION:

`delete:image`

Additional Resources

StackExchange discussion on RBAC vs PBAC