Aidbox provides a role-based access control mechanism based on access policies and the User resource.
Create a user containing the practitioner role.
Create an access policy that allows practitioners to read patients' data.
user-1
Click "Logout" in the Aidbox UI navigation. Log in using user-1 credentials (user-1 / password).
Aidbox will return a Patient resource.
When you make a query, the Aidbox router stores data in the request object:
Uri /Patient/pt-1 in the uri property.
Method get in the request-method property.
User data in the user property. In particular, user.roles[].value contains user roles.
The access policy engine evaluates the request object. Here it checks that the user.roles[].value property contains the practitioner string.
You can inspect the request object.
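The check described above can be modelled in a few lines to see which requests pass and which are denied. This is an added example, not Aidbox's own engine or code from the original page: the POLICY dictionary, the URI pattern and the function names are assumptions, and the request objects are constructed samples that carry only the uri, request-method and user properties named above.

```python
import re

# Constructed model of the policy described above: allow GET on Patient
# resources when user.roles[].value contains "practitioner".
# The URI pattern is an assumption; the page only shows /Patient/pt-1.
POLICY = {
    "request-method": "get",
    "uri": re.compile(r"^/Patient(/.*)?$"),
    "role": "practitioner",
}


def role_values(request):
    """Collect user.roles[].value, tolerating a missing user or roles list."""
    user = request.get("user") or {}
    return [r.get("value") for r in user.get("roles") or [] if isinstance(r, dict)]


def evaluate(request, policy=POLICY):
    """Return (allowed, reason); every check must pass, otherwise deny."""
    if request.get("request-method") != policy["request-method"]:
        return False, "request-method mismatch"
    if not policy["uri"].match(request.get("uri") or ""):
        return False, "uri mismatch"
    # Exact comparison per role value: "practitioner-admin" does not count.
    if policy["role"] not in role_values(request):
        return False, "role missing"
    return True, "allowed"


def make_request(method, uri, roles=None):
    """Build a constructed request object with the three properties above."""
    req = {"request-method": method, "uri": uri}
    if roles is not None:
        req["user"] = {"id": "user-1", "roles": [{"value": v} for v in roles]}
    return req


if __name__ == "__main__":
    samples = [
        make_request("get", "/Patient/pt-1", ["practitioner"]),
        make_request("get", "/Patient/pt-1", ["patient"]),
        make_request("put", "/Patient/pt-1", ["practitioner"]),
        make_request("get", "/Patient/pt-1"),  # no authenticated user
    ]
    for s in samples:
        print(s["request-method"], s["uri"], evaluate(s))
```

Running the same cases against a real policy (wrong role, wrong method, no user) is a quick way to confirm it denies everything it was not written to allow.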