Access Control¶
CYFR enforces access control at multiple layers: authentication, authorization, and encryption key delivery.
Permission Model¶
| Permission | Scope | Description |
|---|---|---|
content:read |
Content | View content metadata and playback |
content:write |
Content | Upload, update, delete content |
content:share |
Content | Generate sharing links |
admin:read |
Account | View settings, users, audit logs |
admin:write |
Account | Modify settings, manage users |
analytics:read |
Account | View usage metrics |
Teams¶
Teams group users for simplified permission management:
- Create a team: Admin → Teams → New Team
- Add users to the team
- Grant team access to content folders
Team permissions are additive — a user's effective permissions are the union of their individual and team permissions.
Content Visibility¶
| Visibility | Who Can Access |
|---|---|
| Private | Owner only |
| Team | Specified teams |
| Organization | All account members |
| Public | Anyone with the link (JWT still required) |
Sharing Links¶
Generate time-limited, password-protected sharing links for external viewers: