Skip to main content

Policies

Policies are the cornerstone of access control within the Zango platform, governing how permissions are assigned and managed. Understanding policies is essential for orchestrating user access to different resources.

Policy Overview

Policies serve as blueprints that dictate the allocation of permissions to users and user roles. Permissions are organized within policies, allowing you to fine-tune access to various resources according to your application's needs.

As mentioned earlier, permissions are initialized through policies. A policy can contain one or more permissions, which collectively define the scope of actions a user or user role can perform.

Configurations in Policies

Policies, much like permissions, are configurable entities that can be tailored to suit specific access scenarios. These configurations allow you to fine-tune the behavior of policies according to your application's requirements.

Expiry Configuration

One noteworthy configuration is the Expiry setting. This allows you to define an expiration date for the policy. After the expiry date, the policy becomes invalid, rendering any user or user role associated with it unable to access resources granted by the policy. This configuration adds a temporal dimension to access control, enhancing the security and relevance of policies.

By leveraging policy configurations, you ensure that access to resources remains aligned with your evolving needs while maintaining security and compliance.