Redox is introducing role-based access control (RBAC)
Nov 16, 2023
What’s role-based access control?
With role-based access control, you will have more control over user access in your Redox organizations to:
Mitigate the risk of leaking sensitive data, like PHI, by making sure that only relevant users can access this kind of data.
Reduce the chances of breaking changes by controlling who can make changes or what changes users can make in their organization's settings and configuration.
Enforce observance of any relevant internal or external security and compliance policies.
You can now control which users manage your Redox organization, as well as who can access data or make processing and connectivity changes on an environment-by-environment basis.
Redox platform users will each be assigned roles both at the organization and the environment level, with one role assignment for each environment they have access to. The user’s assigned role determines what they can see and do in an environment.
Roles are predefined with certain access and permissions. When a user is assigned a role, they gain the access and permissions defined for that role. Learn how to manage access and review available roles below.
New roles
Organization roles
A user may only be assigned one organization role at a time which determines their capabilities and access at the organization level.
Environment roles
An environment role determines the capabilities and access a user has within an environment. A user isn't required to have an environment role in every environment (in which case they won’t have access to that environment), but if they do, they may only have one within each environment.
When is this happening?
Access Control will launch and be available in December 2023. We’ll make another announcement in early December when the launch date is set. This is an early release announcement to allow you to prepare for the upcoming changes. Reach out to your Redox Technical Account Manager with any questions.
What do I have to do to migrate?
We’ll migrate current users in your Redox organization for you, prior to launch, to their new roles based on their current permission settings in their Redox organization:
Organization role migration
Current owner flag | New organization role assignment |
---|---|
Owner | Owner |
Non-Owner | Member |
Environment role migration
Current PHI access flag | New development role assignment | New staging role assignment | New production role assignment |
---|---|---|---|
PHI access | Engineer | Engineer | Engineer |
No PHI access | Engineer | Engineer | Observer |
Engage with Redox
Submit a ticket to the Redox Help Desk
View our docs site
Subscribe to our Changelog for product updates
Join our Redox Slack Community