Aiming at the existing identity-based access control system cannot meet the needs of user-customized software combination services, so an internet of things (IoT) platform based on dynamic role service authority control is proposed. Firstly, in the design of the IoT platform, integrate the functional modules of the IoT platform by understanding the entire production cycle of the device; Then the platform center on dynamic roles and expands its logical design; After that, according to the role-based access control (RBAC) model, it organizes user permissions and groups, and divides the roles of users who access the Web service; Finally, it provides more fine-grained access control to some functions of web services at the role-based operation level. Experiments have shown that after the dynamic role service permission control, roles can be dynamically defined, and the fine-grained range of authority access can be accurate to the operation level, which is optimized to the traditional access control system. This method realizes the simple and flexible management of role permissions, and it has important guiding significance in practical engineering applications.