Guides

Quick start
- Authenticate your first user
- Access methods for different types of applications
- Console overview
Authenticate the user
- Use account password authentication
- Use SMS verification code authentication
- Use social login authentication
- Use scan code login authentication
  - Use self-built App to scan the code to log in to the website
    Complete interface list
    Custom configuration items
  - Use the mini program to scan the code to log in to the website
- Certify in Mini Program
- Implement single sign-on (SSO)
- Single sign-on on the mobile terminal
- Multi-factor authentication (MFA)
- Extend the authentication process
- Personalize the guard
Authority management for users
Authorization
- Inter-application authorization for user permission
- M2M authorization
Manage user accounts
Manage User Directory
Management Application
Become a source of federal authentication identity
Connect to an external identity provider (IdP)
Open up WeChat ecology
Migrate users to Authing
Management organization
Expandable capabilities
- Use Webhook to monitor user events
- Custom authentication process (Pipeline)
- Configure custom password function
Audit Log
- Audit of user behavior
- Audit of Administrator Behavior
Configure security information
Configure user pool information
Deployment plan
Frequently Asked Questions FAQs

Guides
/
Authority management for users

¶ Privilege Management Overview

Update Time: 2022-04-20 11:18:51

In the previous partwe have introduced authentication. Authentication refers to the process of authenticating the user's identity (such as using passwords, SMS codes, etc.). After successfully authenticating the user's identity, the next thing we need to do is privilege management

Privilege management generally means that users only can access their authorized resources according to the security rules or security policies set by the system.

There are two permission models that are widely used by everyone:Role-based access control (RBAC) and Attribute-based access control (ABAC). Both have their own advantages and disadvantages: the RBAC model is simpler to construct, but the disadvantage is that it is impossible to achieve fine-grained authorization of resources (both are to authorize a certain type of resource rather than a specific resource); ABAC model construction is relatively complicated, and the learning cost is higher. The advantage is that it is fine-grained and can be dynamically executed according to the context.

Next, you can learn how to choose a suitable permission model for your application system.

Prev: Personalize the guard Next: Choose the appropriate permission model

Company

400 888 2106

sales@authing.cn

16 / F, Block B, NORTH STAR CENTURY CENTER, Beijing(Total)

room 406, 4th floor, zone B, building 1, No. 200, Tianfu Fifth Street, Chengdu(branch)

Beijing ICP No.19051205-1