It is easy to define the security of an ORIGAM application. Security is deeply integrated on different levels:
- Three-level security model (users/roles/permissions)
- Data change auditing
- Row-level security (rules for setting view/edit/delete permissions on data rows)
- Menu permissions (assigning which menus each user can access)
- API permissions (assigning which API methods each user can access)
- SSL support
Once you define your permissions, they automatically work everywhere. For example, when you define row-level security so that a user can see only the records of her organization, only those records appear on any screen, in any drop-down field or through an API call.
The same applies to data auditing: no matter which functionality you use to change the data (a screen, a sequential workflow, an API call), the changes are always audited.
Example
Built-in user management: