prevent ABAC (Attribute Based Access Control) from beeing turned off

View Only

Back to discussions

Expand all | Collapse all

prevent ABAC (Attribute Based Access Control) from beeing turned off

Jump to Best Answer

Thread closed by the administrator, not accepting new replies.

1. prevent ABAC (Attribute Based Access Control) from beeing turned off

Like

Christoph Domaschke

Community Rockstar

Posted 01-09-2026 08:20

No replies, thread closed.

Hi Community,
I try to dig deeper into Attribute Based Access Control. I sucessfully created some Policies and they are working fine. But my problem is: All this new security is collapsing like a card house, if the wrong person is turning off the "Enable Attribute Based Access Control" in Organization Settings.
Is there a way to prevent that with ABAC? Or do I miss something essential?

Best regards
Christoph

#Security

------------------------------
Christoph Domaschke
Produktmanager Kunden-Dialog-Center
------------------------------
2. RE: prevent ABAC (Attribute Based Access Control) from beeing turned off
Best Answer

Like

Cameron Tomlin

Genesys

Posted 01-09-2026 08:33

No replies, thread closed.

Hello Christoph,

I have a few recommendations/ideas to help protect your ABAC implementation. First you will need to strictly limit who has admin access to your org settings. Second I would recommend a regularly audit on who has admin privileges. I would recommend implementing change management process that require approval for any modifications to the Org settings.

I also want to remind you that you can use the audit logs to monitor any changes to ABAC settings.

Hope this helps!

------------------------------
Cameron
Online Community Manager/Moderator
------------------------------
3. RE: prevent ABAC (Attribute Based Access Control) from beeing turned off

Like

Christoph Domaschke

Community Rockstar

Posted 01-12-2026 02:41

No replies, thread closed.

Hello Cameron,

Thank you for your response. I will create a custom Admin role without the Directory > Organization > Admin permission and swap it for everyone that must not change the org settings. Together with a ABAC that prevents adding this role for everyone except selected Master Admins that should make the whole thing robust.

Thanks for the additional notes about auditing the admin privileges, too.

------------------------------
Christoph Domaschke
Produktmanager Kunden-Dialog-Center
------------------------------

Original Message

Genesys Cloud - Main

prevent ABAC (Attribute Based Access Control) from beeing turned off

Christoph Domaschke01-09-2026 08:20

Cameron Tomlin01-09-2026 08:33Best Answer

Christoph Domaschke01-12-2026 02:41

1. prevent ABAC (Attribute Based Access Control) from beeing turned off

2. RE: prevent ABAC (Attribute Based Access Control) from beeing turned off Best Answer

3. RE: prevent ABAC (Attribute Based Access Control) from beeing turned off

Related Content

Attribute-based access control

UI Change: Attribute Based Access Control (ABAC)

Using ABAC to prevent users from updating user profile fields

New access control settings

Removal of collapse and expand controls from agent Interactions UI

2. RE: prevent ABAC (Attribute Based Access Control) from beeing turned off
Best Answer