04 Auth
4.1 Summary
Authorization is a vital concept in building decentralized applications (dApps), allowing control over who can perform specific actions. Unlike traditional web applications, dApps operate on distributed ledger systems, making them permissionless by default. However, there are scenarios where you need to restrict actions to specific users or roles. Scrypto offers an elegant solution to authorization with roles, access rules, and badges:
- Roles: Roles are labels used to define boundaries of access. For example, you might have an "admin" role which is allowed to perform a set of permissioned actions, whereas a "super admin" role may cover a separate set of permissioned actions.
- AccessRule: An AccessRule defines the conditions required to grant access to something. Often, an AccessRule is paired with a role to define the conditions under which the role and its permissions can be accessed.
- Badges: Badges are simply resources used for auth. For example, when we specify a resource as part of an AccessRule condition, we can consider that resource a badge.
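
To make the relationship between the three concepts concrete, here is an added example (not code from the original page and not Scrypto's own API): a simplified plain-Rust model in which methods map to roles, each role is paired with an access rule, and a rule is satisfied by the badges the caller presents. The type names, method names and badge names are all constructed for illustration.

```rust
use std::collections::{HashMap, HashSet};

// Simplified model for illustration only; these types are NOT Scrypto's API.
type Resource = &'static str; // stands in for a resource address (constructed values)

enum AccessRule {
    AllowAll,          // anyone may act
    DenyAll,           // nobody may act
    Require(Resource), // caller must present this resource, which makes it a badge
}

impl AccessRule {
    fn satisfied_by(&self, badges: &HashSet<Resource>) -> bool {
        match self {
            AccessRule::AllowAll => true,
            AccessRule::DenyAll => false,
            AccessRule::Require(r) => badges.contains(r),
        }
    }
}

struct Component {
    roles: HashMap<&'static str, AccessRule>,          // role -> rule guarding it
    methods: HashMap<&'static str, Vec<&'static str>>, // method -> roles allowed to call it
}

impl Component {
    // Authorized if any role mapped to the method has a satisfied rule.
    // Undeclared methods and undeclared roles are denied (default deny).
    fn authorize(&self, method: &str, badges: &HashSet<Resource>) -> bool {
        self.methods.get(method).map_or(false, |roles| {
            roles.iter().any(|role| self.roles.get(role).map_or(false, |rule| rule.satisfied_by(badges)))
        })
    }
}

fn badges(list: &[Resource]) -> HashSet<Resource> { list.iter().copied().collect() }

fn sample_component() -> Component {
    Component {
        roles: HashMap::from([("public", AccessRule::AllowAll), ("frozen", AccessRule::DenyAll),
            ("admin", AccessRule::Require("admin_badge")),
            ("super_admin", AccessRule::Require("super_admin_badge"))]),
        methods: HashMap::from([("get_price", vec!["public"]), ("mint", vec!["frozen"]),
            ("withdraw_fees", vec!["admin", "super_admin"]), ("set_owner", vec!["super_admin"])]),
    }
}

fn main() {
    let c = sample_component();
    println!("admin -> withdraw_fees: {}", c.authorize("withdraw_fees", &badges(&["admin_badge"])));
    println!("admin -> set_owner: {}", c.authorize("set_owner", &badges(&["admin_badge"])));
}
```

The useful property to notice is that authorization depends only on which badges are presented, not on who the caller is, so controlling who holds a badge is what controls access.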