Configure RBAC for navigation
If you have a page in your project that you only want certain teams to be able to access, you can also limit access to any links to that page in navigation menus. Navigation menus include links as items that can be part of groups. Group RBAC configurations apply to all items listed in the group, whereas individual link RBAC configurations only apply to that specific item. To set permissions for links or groups in navigation menus, you must add the rbac configuration option for them to either:
- your
redocly.yamlfile for links or groups in the navbar or footer menus - your
sidebars.yamlfile for links or groups in the sidebar menu
In the navbar and footer
To specify permissions for a link or group in the navbar or footer, add the item's RBAC configuration in the redocly.yaml file.
In the following redocly.yaml RBAC configuration examples, the link to visible-link.md is visible to all users:
navbar example
navbar: items: - label: Protected page page: visible-link.md rbac: '*': read
footer example
footer: copyrightText: Copyright © Redocly 2019-2020. All right reserved. items: - group: Support items: - label: Protected page page: visible-link.md rbac: '*': read
You can also control group visibility by adding the rbac configuration to the group.
In the following redocly.yaml RBAC configuration examples, the link to invisible-link.md is not visible to all users:
navbar example
navbar: items: - group: Protected group rbac: '*': none items: - label: Visible page page: invisible-link.md
footer example
footer: copyrightText: Copyright © Redocly 2019-2020. All right reserved. items: - group: Hidden Support Group rbac: '*': none items: - label: Visible page page: invisible-link.md
Making the navigation links not visible does not protect the content if the user has a direct link to it.
In the sidebar
To specify permissions for a link or group in the sidebar, add the item's rbac configuration to the sidebars.yaml file.
In the following sidebars.yaml RBAC configuration example, the link to visible-link.md is visible in the sidebar to all users:
- page: ../visible-link.md label: Protected page rbac: '*': read
In the following sidebars.yaml RBAC configuration example, the link to invisible-link.md is not visible in the sidebar to all users:
- group: Hidden group rbac: '*': none items: - page: ../invisible-link.md label: Protected page
Making the navigation links not visible does not protect the content if the user has a direct link to it.
Resources
- Learn more about RBAC (role-based access control) in the concept documentation.
- Follow step-by-step instructions for How to configure RBAC.
- View full configuration details in the
rbacconfiguration reference. - Check out the x-rbac OpenAPI extension documentation to apply RBAC permissions to specific objects in OpenAPI reference documentation.