Glossary

Key terms used in Access Control documentation.

Core Concepts

Tenant

A logical partition representing an organization or business unit. All users, roles, and permissions are scoped to a tenant. A user can belong to multiple tenants.

User

An identity representing a person who can authenticate and perform actions. Users have profiles with contact information and can be assigned roles within tenants.

Role

A named collection of permissions assigned to users. Roles can be:

Platform roles - Global roles like access-control.admin
Tenant roles - Scoped to a specific tenant like TENANT_OWNER

Feature

A capability domain representing a functional area of the system. Examples:

USER_MGMT - User management operations
ROLE_MGMT - Role administration
TENANT_MGMT - Tenant configuration

Permission

A set of allowed actions on a feature. Standard actions include:

read - View records
create - Create new records
update - Modify existing records
delete - Remove records (soft delete)
restore - Restore soft-deleted records

Permission Assignment

Links a permission to a subject (typically a role). When a user has a role, they inherit all permission assignments attached to that role.

Capability

The ability to perform a specific action on a feature. Capabilities are checked at runtime when you access a page or action.

Feature Flag

A toggle that enables or disables functionality for specific users, roles, or tenants. Used for gradual rollouts and A/B testing.

Authentication Terms

Access Token

A short-lived JWT (JSON Web Token) used to authenticate API requests. Contains user identity and claims. Typically expires in 1 hour.

Refresh Token

A long-lived token used to obtain new access tokens without re-authentication. Should be stored securely and rotated regularly.

MFA (Multi-Factor Authentication)

Additional authentication step requiring a second factor (SMS code, authenticator app, etc.) beyond password.

OTP (One-Time Password)

A temporary code sent via SMS, email, or generated by an authenticator app. Used for MFA and password reset flows.

Session

A server-side record of an authenticated user. Sessions can be revoked to force re-authentication.

Audience

The intended recipient of a token. Different applications require different audiences (e.g., control-admin for the admin UI).

Invitation Terms

Invitation

A pending user record with a unique token sent via email. Recipients use the token to complete registration.

Invitation Status

Status	Description
`pending`	Awaiting user action
`accepted`	User completed registration
`declined`	User rejected invitation
`expired`	Past expiration date
`cancelled`	Revoked by administrator

Administrative Terms

Platform Admin

A user with global administrative access to the Access Control system. Can manage all tenants and system configuration.

Tenant Admin

A user with administrative access within a specific tenant. Can manage users, roles, and permissions for their organization.

Audit Log

A record of actions performed in the system. Includes who performed the action, what changed, and when.

Soft Delete

Marking a record as deleted without physically removing it from the database. Allows recovery via restore operation.

Hard Delete / Permanent Delete

Physically removing a record from the database. Cannot be undone.

Core Concepts​

Tenant​

User​

Role​

Feature​

Permission​

Permission Assignment​

Capability​

Feature Flag​

Authentication Terms​

Access Token​

Refresh Token​

MFA (Multi-Factor Authentication)​

OTP (One-Time Password)​

Session​

Audience​

Invitation Terms​

Invitation​

Invitation Status​

Administrative Terms​

Platform Admin​

Tenant Admin​

Audit Log​

Soft Delete​

Hard Delete / Permanent Delete​