Skip to main content
Korint provides a comprehensive and flexible permissions system based on the role-based access control (RBAC) security model to ensure that users can only access and perform actions relevant to who they are. Each user will be assigned roles, and each role is itself a list of permissions. Each action is protected by a specific permission - actions cover all of the operations that can be performed on Korint, such as creating a policy, quoting a policy, or visualizing a customer’s invoices. You can create any role you want from scratch per product. Typically roles will be among the following:
  • Retail Brokers: Brokers who need access to policy management operations, such as Mid Term Agreements, quote generation, or billing
  • Wholesale Brokers: Brokers who also need access to product distribution management and retail network management on top of typical policy management operations
  • Beneficiaries: End customers who need access to their dashboards, and operations such as billing and signature
You decide on which actions are available for each role. Connected users will be able to perform any action that is assigned to the role they have, on the resources (e.g. policies, assets, etc.) that they are linked to:
  • The user can be directly linked to a resource, for example a beneficiary can access their policy;
  • The user can be linked through their brokerage firm to a resource, for example a broker can access all policies managed by their brokerage firm.
For example, you could define the following roles for your product:
  • Retail_broker: visualize_policy, policy_management_actions (create_policy, quote_policy, stop_policy, etc.), visualize_customer, customer_management_actions (bill_customer, edit_payment_methods, etc.)
  • Wholesale_broker: all of retail_broker, retail_management_actions (create_retail_brokerage_firm, accept_distribution_request, etc.)
  • Beneficiary: visualize_policy, visualize_customer
You can use another setup for a different product. For example, you could deny the quote_policy action to your retail brokers and have it available only for wholesale brokers.