Data sources

User management

7min

Role-Based Access Control

Users with Owner or Admin roles within a Rollstack organization can add and configure data sources. This centralized control mechanism ensures data configuration aligns with organizational policies and access privileges.

Our platform rigorously follows the data separation rules and Role-Based Access Control (RBAC) systems established in the connected data source. This approach guarantees that data handling and access permissions are consistent with your existing security protocols.

Credential Management

Depending on the nature of your data source, credentials may include shared fields (such as instance URLs or common secrets) accessible to all relevant users within your organization.

  • Protection of User-Specific Fields: To prevent unauthorized access or accidental credential overrides, only organization admins are permitted to modify user-specific fields. This safeguard is critical for avoiding data security breaches.

Data Source

Common Fields

User-specific fields

Tableau

  • Instance URI
  • Client ID
  • Secret ID
  • Secret Value
  • Site name
  • Username

Looker

  • Instance URI
  • Embed Secret
  • Client ID
  • Secret ID

Metabase

  • Instance URI
  • Username
  • Password

Data source user management

Once you have set up the data source, you can now configure the user-specific credentials

1

Open the Data Sources page

2

in the data sources table, click on User management next to your data source

Document image

3

You can now add credentials for other users within your organization or modify existing ones.

Document image


The Status column will show you if access is active for a particular user.

  • Active status means the credentials are working. The user can start using this data source in their Rollstack account.
  • Inactive status means the wrong username is being used for this user. The Admin will need to update the username of this specific user.

Service accounts

As an admin, you also have the option to configure a single entry point to your data source for all of your users. This means that any user credentials can be used as a service account for all the organization's users.

1

Open the Data Source page

2

in the data sources table, click on User management next to your data source

3

Choose a user and click on the Use as service account toggle

Document image


Auto Provisioning

Automatic provisioning simplifies the process of granting new users access to data sources by automatically assigning them the necessary credentials upon their addition to an organization. This feature can be beneficial for quickly onboarding users, but it may pose a security risk if not managed carefully.

When automatic provisioning is enabled, every new user added to your organization is automatically assigned access to the data sources configured for the organization. Typically, an admin must set up each user's credentials, ensuring proper access control and security. However, if a service account is used, new users are granted immediate access without needing individual credential setup.

Admins can choose to disable automatic provisioning to enhance security. When this feature is disabled, new users will not be automatically assigned access to data sources. Instead, an admin must manually configure each user's credentials, ensuring that only authorized personnel have access to sensitive data.

To enable or disable automatic provisioning:

  1. In the data sources table, click on Settings next to your data source.
  2. Use the Enable automatic provisioning checkbox to toggle the feature on or off.

Therefore, organizations can maintain stricter control over who has access to their data sources, reducing the risk of unauthorized access.

Document image




Updated 25 Nov 2024
Doc contributor
Doc contributor
Did this page help you?