The initial administrator user is a global administrator. This user is granted all permissions - can access all data and functionality. New users are considered global administrators when they are not assigned to a group.
Related:
Setup
Create Group / Tenant
- First user created is considered the group administrator (Group / Tenant Administrator)
- Option to assign a role in not available since the first user is expected to have all permissions
Create Sub-Group / Sub-Tenant
- This is needed if you wish to create users with specific roles/permissions
- The parent group selected will be the administrator
Important
- Group / Tenants cannot be deleted once created
Create Role
- A role allows you to associate specific permissions to access DataHub features
Create User
- To create a user with all permissions; select the parent Group / Tenant
- To create a user assigned a specific role with permissions; select the child Group / Tenant
Important
Logging in through the DataHub User Interface
- The user will only have access to features as defined by the permissions assigned to their role
REST API
- Postman: Update your user and password environment variables to match your created user. Be sure to get a new access token. Refreshing the access token may result in an error.
Permission Options - Definitions
CONNECTIONS
List Connections
-
Connections page is visible; can list connections via rest call GET {{url}}v1/connections
-
In the user interface, options to edit/delete a connection is presented but user with only this role will be denied action
Manage Connections
- Only Dashboard is visible if this permission is used in isolation
- This permission is only applicable when used in combination with List Connections
Read Content
- browse content, is available only through rest. Similar to v3 Navigator
Write/Delete Content
- Allows upload of content to the connection
- Similar to DataHub 3.7 Navigator feature where you can do native copy/move files to other folders within the DataHub application
List Jobs
- Dashboard, Reports and Jobs are visible but cannot start/stop/pause jobs, reset stop policy, manage schedule, rename job, delete job.
Manage Jobs
- Only Dashboard is visible
- This permission is only applicable when used in combination with List Jobs
- List Jobs + Manage Jobs allows you to run the job along with manage the job schedule, rename the job, duplicate / clone the job and delete the job.
Control Jobs (Start/Stop/Pause)
- Only Dashboard is visible
- This permission is only applicable when used in combination with List Jobs
- List Jobs + Control Jobs allows you to see and run jobs. All other job actions will be disabled
Manage Reports
- This permission is only applicable when used in combination with List Jobs
Manage Templates
List Remote Sites
Manage Remote Sites
Invoke Remote Sites
Establish Remote Sites
SECURITY
List users and Groups
- Ability to view list of currently created users
- No access to create, edit, manipulate these users
Manage users and Groups
- Ability to manage user list
- Permits user creation
- Permits user editing
- Ability to create/edit Groups
- No ability to create/edit Roles
Manage Access Rights
- Ability to create/edit Roles
- No ability to create Groups
- No ability to create/edit/manipulate individual users
List All Permissions
GET {{url}}v1/permissions
|