This topic describes the role-based access control that enables users to grant permissions to roles to access micro applications.


  • The permissions are broken down into three categories: actions, micro applications, and entry points. With micro applications for desktop, you can set permissions for menu items. With micro applications, you can set permissions for entry points and widgets.

  • API authentication: Authentication is performed on the gateway, without user-facing actions.

  • Assign roles to users.

  • Perform role-based access control.

  • If the access to a micro application is revoked from a role, all users of this role are not allowed to request any service of the micro application.

  • ⚠️ Submenu permissions only limit the menu item visibility to a role, instead of placing access control of API requests.

  • Action permission can be associated with multiple APIs. If a role is not granted access to an action, it is not allowed to call the action-associated APIs.

  • 🦸 The super admin role has full permissions for all micro applications, with access to all APIs and menu items.


Permission settings

Set permissions for micro applications with a role list.

Permission setting

Permission-based UI rendering

The development framework runtime provides an API used to render the UI of a micro application based on user permissions in advance.