Roles
API7 Enterprise lets you implement fine-grained access control policies through Role-Based Access Control (RBAC).
Built-in Roles
API7 Enterprise provides three built-in roles. These predefined roles cover common personas: API providers, infrastructure operators, and super admins. The RBAC system lets you compose granular access control policies from these roles. Users are assigned roles according to their responsibilities and duties in the API lifecycle.
Super Admin
This role has the highest level of permissions. It can perform all administrative operations, such as adding and modifying routes, services, and plugins, as well as managing other users and assigning roles to them. Typically, the Super Admin role is assigned to core infrastructure administrators.
API Provider
This role enables the management of API publishing and API consumption operations, such as adding, modifying, and publishing services, routes, and upstreams, applying plugins, and handling API consumers. Typically, the API Provider role is assigned to API developers.
Runtime Admin
This role enables monitoring and managing runtime configurations, such as gateway instances, and setting alerts. It can modify gateway settings. Typically, the Runtime Admin role is assigned to platform/operations engineers.
Related Topic
- To learn how to configure a user's roles, see Role-Based Access Control.