openCRX includes enterprise-class role-based security which enables administrators to effectively manage realms, principals, roles, and permissions:

Furthermore, the powerful role-based approach to managing permissions enables the business side to control access to information with the appropriate granularity (e.g. access to team-information can be strictly limited to team members). Much more detailed information is available in the openCRX Admin Guide.

All security concepts implemented by openCRX are multi-entity enabled, i.e. even the most complex deployment scenarios (e.g. Application Service Provider environment) can be handled virtually out of the box: