InterSystems Programming Tools Index
Control what each user is permitted to use, view, or alter.
Authorization is the process of controlling what each user can use, view, or alter in the application.
Role-based authorization model
InterSystems uses a role-based authorization model; roles carry permissions, and users are assigned to roles. A user then has the cumulative permissions provided by all the roles to which the user belongs.
As a programmer, you are responsible for including the appropriate security checks within your code to make sure that a given user has permission to perform a given task. You can also temporarily give a user permissions for a specific task, using an option called role escalation
Content Date/Time: 2019-04-23 15:16:10