This documentation is for WSO2 Identity Server 5.3.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


  • Role-based access control: Role-based access control (RBAC) is an approach used to restrict access to authorized users based on their role. It is used by the majority of enterprises with more than 500 users.  This is a static permission model where permission of the roles can be updated by updating permission in the permission tree of WSO2 Identity Server.
  • Attribute-based access control: Attribute-based access control (ABAC) defines a new access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. Policy Based access Controling is done by extending the ABAC model.

Image Added

XACML is an XML-based language for access control that has been standardized by the Technical Committee of the OASIS consortium. XACML is very popular as a fine grained authorization method among the community. However, there are plenty of other aspects of XACML other than it being just a fine grained authorization mechanism.