Role-based access control example

This example demonstrates how roles can be used to manage access to different target applications.

The following picture shows a simple architecture sketch, where Airlock Gateway enforces the access control decision taken by Airlock IAM:

The users (User1 ... User4) access three different applications with different access rights.

• Applications:
• Public Portal: A public web application accessible by anyone without prior authentication.
• Customer Portal: A web application only accessible by known customers and selected administrators.
• Admin Portal: A web application only accessible by selected administrators.

• Users with allowed access (access policy):

Username	Public portal	Customer portal	Admin portal
User1
User2
User3
User4

• Internal links:
• Airlock IAM as Policy Decision Point (PDP) for more information on using and configuring Airlock IAM for access control decisions.
• Airlock Gateway as Policy Enforcement Point for more information on using and configuring Airlock Gateway for access control enforcement.