Mendix provides role-based user access to applications built with the platform out of the box. This is because apps in Mendix consist of one or more modules, and a module typically has a functional scope (for example, items, customers, orders) while being self-contained so that it can be reused in multiple apps. Because of the distinction between apps and modules, security aspects are defined on both levels. Application-level security settings apply to all the modules within the application, and module-level settings are specific to each module.
Mendix application security is defined according to the parameters described below.
How Are App-Level Security & App Model Consistency Defined in Mendix?
The Mendix Platform supports configurable integrity checks for security on all the relevant aspects of applications deployed on the platform. Mendix checks the consistency of the security settings as well. For example, a person allowed to see a certain UI element that lists data from a table must also be authorized to view the data associated with that UI element.
Depending on the stage of development, application and integrity checks can be applied more or less stringently. This is advantageous in development and prototype contexts to avoid unnecessary activities regarding consistency and security in the preproduction stage. The security levels Off and Prototype / demo are only allowed for local testing, Free Apps, and apps deployed to a non-Mendix Cloud environment which is specified for development. They cannot be used for deployments to production environments.
Deployment of licensed apps to all Mendix Cloud environments requires the Production security level and the complete configuration of all security settings.
To avoid unintended security omissions by citizen developers, apps deployed to the Mendix Cloud from Mendix Studio always require the Production security level. Moreover, Studio users cannot configure roles with anonymous access.
An end-user of your application is assigned one or more user roles by an administrator or is provisioned automatically from a (third-party) identity and access management solution that can be integrated with the app. The user then gets all the access rights that these user roles represent.
How Can I Scale App Access?
How Can I Define a Password Policy?
Password policies can be defined flexibly (for example, by configuring the password strength, character sets allowed/prescribed, and password expiry policies). A password policy can also be defined by the organization when implementing SSO authentication using, for example, SAML or OpenID.
Additionally, two-factor authentication can be enabled within the Mendix Cloud for sensitive activities. Two-factor authentication can also be added anywhere within a Mendix application to further secure access to the app or parts of the app.
For more information, see the section How Are Passwords Stored in My Mendix App? in Runtime Security.
How Configurable Is File Access in Mendix?
The access rights for file storage and use of images in Mendix applications are fully configurable.
Each Mendix application model consists of various modules that are self-contained. Data-level and UI-level security for pages, microflows (which execute actions), entities, and data sets is defined in each module itself.
The sections below describe how this level of security is configured in Mendix apps.
How Do Module Roles Work in My Mendix App Model?
Mendix distinguishes module roles from user roles so that the module along with its roles can be reused in different apps and/or published to the Mendix Marketplace.
How Can I Define Module-Level Security Settings?
At the module level, security logic is separated from application logic. This allows for easy accessibility as well as the maintenance and validation of security settings even by less technical users. All the security settings are managed from Mendix Studio Pro in order to define access rights for the elements described below.
This video presents the various module-level security settings that are available:
How Does Mendix Protect the Pages of My App?
Page access defines the application pages that users with a certain module role can access. The navigation items (menu bars and buttons) are optimized so that they only show items that direct to the pages to which the user has access.
Page access takes the shape of a matrix showing pages and module roles. For each combination, the user can indicate whether or not the module role has access to the page. This information can also be edited within a page using the Visible for property.
How Is Business & Process Security Defined in My Mendix App?
Microflows are used to visually define business and process logic. Microflow access defines which microflows can be executed by users with a certain module role. The navigation items (menu bars and buttons) are optimized so that they only show the microflows to which the user has access.
Microflow access is managed within a matrix of microflows and module roles. For each combination, the user can indicate whether or not the module role has access to the microflow.
How Is App Data Encapsulated Securely in Mendix?
For each module role, entity access defines whether users with the role are authorized to create, read, update, and delete objects of the entity. Entity access is configured with access rules that apply to entities. Each access rule in turn applies to a (set of) module role(s). The access rules of an entity define what a user is allowed to do with objects of the entity. Users can be allowed to create and delete objects as well as view and edit member values. A member is an attribute or an association of an entity.
How Can My Mendix App Integrate with Third-Party Identity Management Solutions?
The built-in security role and authentication mechanisms in the Mendix Runtime support integration with other third-party identity managers (like Microsoft Active Directory and SAP IDM) using protocols like LDAP and Kerberos.