Role-Based Access Control (RBAC)

A model for granting permissions based on a user's role rather than assigning individual permissions per user.

RBAC simplifies access management at scale by defining a small number of roles (admin, member, billing, viewer) and assigning users to roles. Adding a new permission to a role updates everyone in that role. Most SaaS apps ship with at least three default roles; enterprise tiers usually allow custom roles and per-resource permissions. RBAC makes deprovisioning faster and reduces accidental over-privileging.
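
A minimal sketch of the model described above, added here as an illustration and not code from the original page: roles hold permissions, users hold roles, and access is denied unless one of the user's roles grants it. The `RBAC` class, the user and resource names, and the `invoice-auditor` custom role are assumptions made for the example.

```python
from collections import defaultdict

class RBAC:
    """Users map to roles; roles map to (action, resource) permissions."""

    def __init__(self):
        self.role_perms = defaultdict(set)  # role -> {(action, resource)}
        self.user_roles = defaultdict(set)  # user -> {role}

    def grant(self, role, action, resource="*"):
        # resource "*" covers every resource; a concrete name is a
        # per-resource permission, as custom roles typically allow.
        self.role_perms[role].add((action, resource))

    def assign(self, user, role):
        if role not in self.role_perms:  # reject typos instead of creating empty roles
            raise KeyError(f"unknown role: {role}")
        self.user_roles[user].add(role)

    def deprovision(self, user):
        # Offboarding removes role memberships only; there are no
        # per-user permissions left behind to hunt down.
        return self.user_roles.pop(user, set())

    def allowed(self, user, action, resource):
        # Deny by default: access requires a role that grants the action
        # on this resource or on "*".
        for role in self.user_roles.get(user, ()):
            perms = self.role_perms.get(role, set())
            if (action, "*") in perms or (action, resource) in perms:
                return True
        return False

def build_demo():
    # Constructed sample data: role names from the text plus one
    # hypothetical custom role, "invoice-auditor".
    rbac = RBAC()
    rbac.grant("admin", "manage_users")
    rbac.grant("member", "write")
    rbac.grant("billing", "read", "invoices")
    rbac.grant("viewer", "read")
    rbac.grant("invoice-auditor", "read", "invoices/2024")
    rbac.assign("alice", "viewer")
    rbac.assign("bob", "viewer")
    rbac.assign("carol", "invoice-auditor")
    return rbac
```

Calling `grant("viewer", "export")` on the demo object gives both `alice` and `bob` the new permission without touching either user record, and `deprovision("alice")` revokes everything she held in one step.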