User management
Users with Owner or Admin roles within a Rollstack organization can add and configure data sources. This centralized control mechanism ensures data configuration aligns with organizational policies and access privileges.
Our platform rigorously follows the data separation rules and Role-Based Access Control (RBAC) systems established in the connected data source. This approach guarantees that data handling and access permissions are consistent with your existing security protocols.
Depending on the nature of your data source, credentials may include shared fields (such as instance URLs or common secrets) accessible to all relevant users within your organization.
- Protection of User-Specific Fields: To prevent unauthorized access or accidental credential overrides, only organization admins are permitted to modify user-specific fields. This safeguard is critical for avoiding data security breaches.
Data Source | Common Fields | User-specific fields |
---|---|---|
Tableau |
|
|
Looker |
|
|
Metabase |
|
|
Once you have set up the data source, you can now configure the user-specific credentials
Open the Data Sources page
in the data sources table, click on User management next to your data source
You can now add credentials for other users within your organization or modify existing ones.
The Status column will show you if access is active for a particular user.
- Active status means the credentials are working. The user can start using this data source in their Rollstack account.
- Inactive status means the wrong username is being used for this user. The Admin will need to update the username of this specific user.
As an admin, you also have the option to configure a single entry point to your data source for all of your users. This means that any user credentials can be used as a service account for all the organization's users.
Open the Data Source page
in the data sources table, click on User management next to your data source
Choose a user and click on the Use as service account toggle
Automatic provisioning simplifies the process of granting new users access to data sources by automatically assigning them the necessary credentials upon their addition to an organization. This feature can be beneficial for quickly onboarding users, but it may pose a security risk if not managed carefully.
When automatic provisioning is enabled, every new user added to your organization is automatically assigned access to the data sources configured for the organization. Typically, an admin must set up each user's credentials, ensuring proper access control and security. However, if a service account is used, new users are granted immediate access without needing individual credential setup.
Admins can choose to disable automatic provisioning to enhance security. When this feature is disabled, new users will not be automatically assigned access to data sources. Instead, an admin must manually configure each user's credentials, ensuring that only authorized personnel have access to sensitive data.
To enable or disable automatic provisioning:
- In the data sources table, click on Settings next to your data source.
- Use the Enable automatic provisioning checkbox to toggle the feature on or off.
Therefore, organizations can maintain stricter control over who has access to their data sources, reducing the risk of unauthorized access.