Model and assign authorizations with Safewhere*authorize

In order to manage who is allowed to do what, it is important to build a fairly abstract model of authorizations - or entitlements if you prefer.

Modeling capabilities in Safewhere*authorize are close to limitless, as they are constructed on top of our unique modeling engine. The challenge is to model authorizations at a granularity and complexity that actually mimics how the business is run. I.e. in a smaller company you may be allowed to do everything HR including payroll, where as a larger organization will want to authorize individuals or groups to perform only smaller parts of the HR workload.

Secondly, once the model of authorizations has been built, rules must be defined to assign authorizations and other attributes to users at runtime. Authorization assignment rules will typically depend on the user identity and the environment.