LabKey Server has a group & role-based security model. This means that each user of the system belongs to one or more security groups, and each group has a specific set of permissions (aka "roles") in relation to projects and folders on the system. When you are considering how to secure your LabKey site or project, you need to think about which users belong to which groups, and which groups have access to which projects and folders.

The topics in this section describe the LabKey security architecture. You may not need to understand every aspect of LabKey security in order to use it; in general the default security settings are adequate for many needs. However, it's helpful to be familiar with the security architecture so that you understand how users are added, how groups are populated, and how permissions are assigned to groups.

Topics

• Tutorial: Security: Security basics.
• The Site Administrator: The site admin has global privileges on the LabKey site.
• Configure Permissions: Setting permissions for a group on a project or folder.
• Security Groups: Assigning users to security groups.
• Security Roles Reference: The permission levels available to be granted to users.
• User Accounts: Adding users to your LabKey site and managing their accounts.
• Authentication - Configure authentication providers.
• Test Security Settings: Testing security settings for users in various groups.

Related Topics

• Manage Study Security (Dataset-Level Security) - Covers security management specific to studies.
• Securing Portions of a Dataset (Row and Column Level Security) - How to expose specific portions of a dateset, without granting access to the dataset as a whole.
• Export and Import Permission Settings - Export and Re-import security settings to another environment.
• HTML Encoding - Describes the most important web application security vulnerabilities and how to protect against script injection.
• Remote Login API - The remote login/permissions service allows cooperating websites to use LabKey Server for authentication and attach permissions to their own resources based on permissions in LabKey Server.