Managing User Permissions - RBAC

👤 This documentation is intended for Site Administrators.

Note: Site Admins should refer to the Managing User Permissions documentation for customers that do not have Role-Based Access Control (RBAC) enabled.

User Roles let Admins manage their users' view and edit permissions easily. Admins can quickly set up different user types by modifying the user roles that users belong to and the settings of those roles.

<div><UL>
<LI><a href="#ManagingOverview">Managing Permissions Overview</a></LI>
<LI><a href="#RolePermission">Role Permission Defaults</a></LI>
<UL>
<LI><a href="#Admin">Admin</a></LI>
<LI><a href="#Everyone">Everyone</a></LI>
<LI><a href="#Analyst">Admin</a></LI>
<LI><a href="#BusinessUser">Business User</a></LI>
<LI><a href="#Read">Read</a></LI>
</UL>
<LI><a href="#CreatingCustomRole">Creating a Custom Role</a></LI>
<LI><a href="#RemoveEditRole">Removing a User Role or Editing a Role Name</a></LI>
<LI><a href="#AddingUserstoRoles">Adding and Removing Users from Roles</a></LI>
<LI><a href="#AddingNewUser">Adding a New User</a></LI>
</UL></div>
<HR>

<a name="ManagingOverview"></a>

Managing Permissions Overview

To view and modify existing user role settings, administrators can first click Settings menu in the bottom left hand corner.

Then, click the Permissions option:

Then, click the Roles tab.

<a href="#top">Back to top</a>

<a name="DefaultRoles"></a>

Default User Roles

User roles are a great way to control user permissions and access within Periscope. Only admins can set up new user roles, change user role permissions, and add and remove users from user roles.

Each account has five built-in user roles: Admin, Everyone, Analyst, Business User and Read. The first user added to the account will be an administrator, and this user will be automatically added to the built-in Admin and Everyone user roles. Subsequent users will be added to the Everyone user role.

By default, both the Admin and Everyone roles have SQL access, allowing newly added users to easily create dashboards, views, and contribute to data analyses.

<a href="#top">Back to top</a>

<a name="Admin"></a>

Admin

To create an admin, an existing admin can add the user to the Admin user role.

<a href="#top">Back to top</a>

<a name="Everyone"></a>

Everyone

By default, the Everyone role has SQL access, granting all users the ability to create and edit SQL and Discovery charts. This can be modified by unchecking the boxes:

<a href="#top">Back to top</a>

<a name="Analyst"></a>

Analyst

A user can create SQL and Discovery charts if they belong to the Analyst role. Assigning a user to the Analyst role gives the user the ability to edit and share dashboards.

<a href="#top">Back to top</a>

<a name="BusinessUser"></a>

Business User

A user can create and edit Discovery charts if they belong to the Business User role.

Note: The Discovery access level is only visible on instances with the Data Discovery feature. Site administrators interested in enabling the Data Discovery feature can reach out to their Customer Success Manager,

<a href="#top">Back to top</a>

<a name="Read"></a>

Read

A user cannot access any underlying SQL or the Data Discovery interface if they do not belong to any roles that have SQL or Discovery access. To create a read-only user, the Everyone role must not have SQL or Discovery access, and the user must not be a member of any other Roles that have access to creating SQL or Discovery Charts.

To remove SQL and Discovery access to the Everyone role, first uncheck all access except Read Dashboards. Then, click Save. This will make the built-in Read role be Read only.

<a href="#top">Back to top</a>

<a name="CreatingCustomRole"></a>

Creating a Custom Role

First, click the Site Settings gear icon to access account settings and click on Permissions. On the Permissions tab, click the green plus button to create a new custom user role. This provides an area to enter the role name and determines the level of access granted to users belonging to the role.

<a href="#top">Back to top</a>

<a name="RemoveEditRole"></a>

Removing a User Role or Editing a Role Name

Hovering over a custom role causes a pencil icon to appear on the right-side of the row. Click on the pencil icon to edit the name of the role and the role description.

To remove a custom role, click on the role. Then click ‘Delete Role’.

The Admin, Everyone, Analyst, Business User, and Read roles are unable to be deleted and their names cannot be altered.

<a href="#top">Back to top</a>

<a name="AddingUserstoRoles"></a>

Adding and Removing Users from Roles

Clicking on a role opens the permissions allowed to this role. Click on the Users tab to view users that are associated with the selected role.  

To add a user, click ‘Add Users’ on the Users tab from the selected role. To remove a user from the selected role click on the trash icon.  

<a href="#top">Back to top</a>

Adding a New User

First, click the Site Settings gear icon to access account settings and click on Permissions. On the Permissions tab, click the User Tab. Then, click Add user button at the top right. This drops down an input form for the new user's name and email. Once that information has been entered, click Add to create the account.

After their account has been created, the newly added users will receive an automated email with a login link.

<a href="#top">Back to top</a>

Our support team is ready to help