Skip to main content

Table of Contents

Role-based access control


Only available versions of this content are shown in the dropdown

Use role-based access control (RBAC) to restrict users from having access to certain UI elements, to performing only certain actions in the UI, or to having any access to a class, based on defined roles and privileges that are derived from the user’s access group. Access groups define the actions that groups of users can do in an application. For example, you can configure a case manager access group so that case managers can approve important cases that are not permitted for other case workers.

The basic components of RBAC are operators, access groups, and access roles. An operator ID represents a user who is permitted to log in to a Pega Platform application.

An access group is a group of permissions within an application. An operator belongs to one or more access groups, depending on what applications and functions the user can access. At any given time, one access group is in effect for a logged-in user.

An access group includes one or more access roles which define what the group can do. The same role can be used in multiple access groups.

Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us