Workspace administrators can use model roles to group users that share common data access needs.
Model roles enable you to tailor model content to the needs of specific business functions, enhance security, and streamline processes. When you control permissions through roles, rather than individual users, you can modify access quickly and flexibly.
This feature controls access within a model. You can assign administration roles to control access within your tenant from Administration.
Default model roles
Every model contains the Full Access and No Access roles by default.
When you add a user to a workspace from within a model, you can select their model role for that model. If you add a workspace administrator, they have Full Access to all other models in the workspace by default. Other users have No Access to other models by default.
If you provision access to a model from Administration, all users have No Access by default.
After you add the user, you can change their model role in each individual model to suit your needs.
Create your own model roles
Workspace administrators can create as many roles as their use case requires and assign different permissions and data access to each.
Once you add a model role, you can assign module, version, list, and action permissions to the role.
You can also select the landing dashboard for a model role and the content you want to display in the model Contents panel.
After you add your model roles, assign permissions, and select the contents and landing dashboard, you can assign your users to roles.