Securing your backend application is a key consideration when architecting systems. Two very important factors of security are authentication and authorization. Authentication is widely spoken of and has good community sentiment around it. Considering Authorization, the mechanism of providing access to different resources of the application based on the roles, privileges, and permissions of a user is often termed as Role Based Access Control (RBAC). We will walk through the best practices of implementing RBACs on a Node.js application to make it more secure using custom RBAC implementation and using the "accesscontrol" library.