Docs
Users and Permissions
Permissions Overview

Hashboard Permissions Overview

Hashboard offers a highly customizable security model that can be tailored to meet the specific needs of your organization.

Key Considerations

Before configuring permissions in Hashboard, it is useful to think through your overall security model and how you would like to control data access and governance.

Data Access: Decide which data sources your user groups can see, and at what granularity.

Your data access strategy addresses questions like:

  • Which users should be able to execute raw SQL queries against your data source(s)?
  • Do specific databases, schemas, tables, columns, or rows contain sensitive data that requires limited access?
  • Are there any users that should only be allowed to see aggregated data and not the unaggregated source data?

Governance: Decide who should be able to modify models, metrics, explorations, and dashboards within Hashboard.

Your governance strategy addresses questions like:

  • Which teams will be able to create and modify my core Hashboard models and dashboards?
  • Are there specific resources in Hashboard that I don't want to be modified by certain user groups?
  • Are there any change management processes or policies that my Hashboard resources need to comply with?

Note that it is normal for your Data Access and Governance strategies to not entirely overlap. For instance, you might want to grant your data analysts raw SQL access without allowing them to modify some core metric definitions owned by your upstream data team.

Implementation

Once your high-level strategy is defined, you can use one or more of Hashboard's permissioning features to implement it:

FeatureDescriptionApplicability
Role-based Access ControlsDefine roles in Hashboard and assign specific governance and access rules to these roles, enforced by Hashboard.Data Access, Governance
Role-based Database CredentialsVary database credentials for specific users to enforce data access rules.Data Access
Model DefinitionsCreate different models for various use cases and control access using Role-based Access Controls.Data Access, Governance
Public LinksExposes a specific dashboard or saved exploration to anybody who knows its URL.Data Access
Private ResourcesDashboards and Saved Explorations can be marked private, which hides it from all other users in your project.Governance
Partner ProjectsImplement broad security isolation by providing an entirely separate stack of credentials and templated resources to a group of users.Data Access, Governance

Controlling Data Access

The below diagram summarizes the different ways you can control data access in Hashboard:

Getting Help

The Hashboard team is happy to help design your permissioning strategy. Contact us any time in your support channel to set up a working session.