Access control

Corteza defines three particular role types which need to be registered in the .env file.

The role types:
  • Bypass: RBAC_BYPASS_ROLES; defaults to super-admin. Bypass roles may not appear in any of the other lists.

  • Authenticated: RBAC_AUTHENTICATED_ROLES; defaults to authenticated. Authenticated roles may not appear in any of the other lists.

  • Anonymous: RBAC_ANONYMOUS_ROLES; defaults to anonymous

The .env variables accept a space-delimited list of role handles.