Role-based access control

Role-based access control (RBAC) is a mechanism that restricts system access. It involves setting permissions and privileges to enable access to authorized users only. Access rights and actions are assigned according to a user's role within CDP Data Visualization.

RBAC enables administrators to exercise fine-grain control over data and feature access based on roles. Everyone who holds a certain role has the same set of rights. Those who hold different roles have different rights. For more information, see Role privileges.

RBAC consists of the following components:

Permissions: Permissions define access to visuals, datasets, data connections, and system-level functions. There are four categories of permissions: system, role, connection, and dataset. For more information, see the List of permissions.
Privileges: Privileges are sets of permissions of a particular type and the associated components on which the permissions are granted. For example, a privilege may consist of the permission View visuals and dashboards on component specifier Connection default / All datasets.
Members: Members are a list of users and groups that are assigned to a particular role.
Roles: Roles are collections of privileges and associated members who have these privileges.