Role-Based Access Control (RBAC)

The Atlar API and Dashboard leverage RBAC to define user permissions and enhance security across the platform. This approach ensures that users are granted access only to the resources and functionalities pertinent to their roles. By defining distinct roles within the system, administrators can easily assign and manage user permissions. This not only simplifies the management of user access but also significantly mitigates the risk of unauthorized operations, aligning with best practices for data security and system integrity.

Setting up the Role

You can now navigate into User Management > Roles. Roles specify the scope of features and functionality that a user is able to access. For this getting started guide, create a new role with full access to Accounts, Counterparties, External Accounts, Transfers, Mandates & Direct debits.

Note that if you would try to access/modify some resource without the right permission on the role, you will get a 403 Forbidden response.

Setting up the Programmatic Access User

With the role created, you can head to User Management > Users and create a new 'Programmatic Access' user. Once created, the ACCESS_KEY and SECRET will be displayed. Make sure to store the secret securely. Furthermore, it is only shown here at this point. Should you lose it, you can delete the user and create a new one.