Security in ONEWEB controls the access to application through the interrelated mechanisms of authentication and authorization. Once a user is authenticated, ONEWEB uses authorization and access control methods to protect and secure resources. Resources are made available to users based on roles that have the right permissions. ONEWEB supports LDAP authentication as well as local repository authentication in ONEWEB.

According to the Access control model in ONEWEB, users are assigned roles and roles have permissions to access objects. This will define what a user and role can and cannot do.