- Role-based access control: Role-based access control (RBAC) is an approach used to restrict access to authorized users based on their role. It is used by the majority of enterprises with more than 500 users. This is a static permission model where permission of the roles can be updated by updating permission in the permission tree of WSO2 Identity Server. This is a subset of ABAC.
- Attribute-based access control: Attribute-based access control (ABAC) defines a new access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. Policy Based access Controling is done by extending the ABAC model.