Introduction
Learn what are the three tiers of Webiny's security layer.
- what are the three tiers of Webiny’s security layer
Introduction
Webiny’s security layer is designed to provide a secure environment for your applications.
Most importantly, it allows users to define fine-grained permissions for individual Webiny apps, ensuring that only authorized users can access specific parts of your application.
It also enables integration with external identity providers, such as Auth0, Okta, and others, allowing you to manage users and their permissions from a single location.
It’s worth knowing that Webiny’s security layer is divided into three tiers, each offering different features. In the following section, we explain what each tier offers and how you can upgrade to unlock more features.
The Three Tiers of Webiny's Security Layer
Webiny’s security layer is divided into three tiers. The higher the tier, the more features are available.
All Webiny projects start with the Open Source tier. The tier is free to use but is limited when it comes to defining fine-grained permissions, allowing only the No Access and Full Access to be selected when defining permissions for individual Webiny apps.
Trying to select Custom Access will result in an alert message being shown, informing the user that the feature is only available with the Advanced Access Control Layer (AACL), which is available on the Business and Enterprise tiers.
To upgrade to Business tier, users link their project with Webiny Control Panel (WCP), from where they can activate the Advanced Access Control Layer (AACL) for their project. By doing this, users will be able to define fine-grained permissions for individual Webiny apps.
Finally, for the most advanced use cases, users can upgrade to the Enterprise tier. On top of the features available with the first two tiers, the Enterprise tier introduces Teams, Folder Level Permissions and Private Files.
To learn more about all of the enterprise features, check out the Webiny Enterprise section.