---
title: "Access model"
chapter: false
weight: 10
---


## Access Model
![Access model](/images/access_model.png)
The SmallID access model can be summarized as follows:

- Each user is represented by a record in BigID, AD, or SAML.
- The user is assigned one or more roles.
- Each role specifies permissions for system functions (and their features), and one data scope.
- Each data scope refers to one or more data sources, except “root” which always refers to all enabled data sources.

### Scope
### Role
### User