Role Based Access Control (RBAC) at Moveworks

Moveworks offers a suite of solutions to improve employee experience ranging from Employee Communications, Creator Studio, Knowledge Writer etc.

One crucial mechanism that ensures a seamless user experience is our Role-Based Access Control (RBAC) system.

What is RBAC?

RBAC is designed to provide users with specific, tailored access to applications and features on the Moveworks platform. This means that every user only interacts with tools relevant to them and performs actions they're authorized to do. As a result security is enhanced because unauthorized or accidental alteration or deletion of critical data is restricted.

What can you achieve from this module?

Role Based Access Control will allow you to assign specific roles to users to limit the actions they can perform.

Defining Roles in Moveworks

Moveworks incorporates a system of pre-defined roles for applications namely: the "Administrator," the "User," and the "Super Administrator".

Administrator:

The Administrator has an extensive array of capabilities within a given application. They can create, modify, and delete any resource available in the application. This involves having the highest level of control and responsibility within a single application.

Moreover, Administrators can manage the access control list of the application. They can add other employees as users of the system and in certain cases, upgrade them to the administrator level. An administrator can also revoke the access of another existing Administrator.

User:

The User of an application has more restricted functionalities. Users can create resources within the applications. Once a resource is created by a user, they have the capability to modify or delete it since they are its owner.

Resources created by other users are also visible to them, and they can make changes to these. Thus, the User role has a necessary level of access and control without compromising the system's overall integrity.

Super Administrator:

The Super Administrator role is the epitome of admin roles in the Moveworks system. This role has access across all applications within the Moveworks platform.

They are empowered to create, modify, and manage resources in any application. Further, they can grant access to other employees across different applications and roles, including escalating them to be super admins.

However, the revoking of Super Administrator access is a sensitive operation and is controlled by Moveworks directly to maintain security and control in the highest access tier.


I am ready to add roles!

Head over to this section to know how to assign roles for various applications.