Assigning workspace roles to other users
Assigning workspace roles to other users requires a Professional or Enterprise license.
Assigning a role other than Editor requires an Enterprise license.
Every workspace has a single owner. The workspace owner has complete control over the workspace.
Other users can be assigned a role that allows them to view and to edit the workspace configuration.
If your instance uses single sign-on (SSO), then you can assign roles to groups as well as to individual users.
In addition to the workspace owner, Tonic supports the following workspace roles:
- Editor - Requires a Professional or Enterprise license. An editor can view and update nearly every aspect of a workspace. They cannot rename or delete the workspace, change the connection information, or copy the workspace.
- Auditor - Requires an Enterprise license. An auditor can view the workspace configuration, but cannot make any changes at all to it.
- Viewer - Requires an Enterprise license. Similar to an auditor, a viewer can view but not edit the workspace configuration. However, they are further restricted in that they cannot:
- View any of the data
- View the list of sensitive columns that are not protected
- Download the Privacy Report
For a comparison of the available workspace actions for all of the roles, see Allowed actions for each role.
Workspace owners and editors can use the workspace sharing option to assign roles for their workspaces.
If you use SSO, then workspace owners and editors can assign roles to groups.
To share access to workspaces:
- 1.To share access to a single workspace, select the share workspace option. Either:
- On the workspace management view, in the heading, click the share icon.
- On Workspaces view, click the actions menu for the workspace, then select Share.
- 2.To share access for multiple workspaces:
- 1.Check the checkbox for each workspace to grant access to.
- 2.From the Actions menu, select Share.
- 3.The workspace sharing panel contains the current list of users or groups that have access to the workspace. To add a user or group to the list of users or groups to add, from the dropdown list, select the user or group. If you are a free trial user, you can use workspace sharing to invite other users to start their own free trial. Provide the email addresses of the users to invite. The email addresses must use the same corporate email domain as your email address.
- 4.To select the role to assign to a user or group:
- 1.Click the Role dropdown for the user or group.
- 2.On the role panel, click the radio button of the role to assign.
- 5.Workspace owners and admin users can also transfer the ownership of the workspace. To transfer ownership to a user in the list:
- 1.Click the Role dropdown.
- 2.
- 6.To revoke access to a workspace:
- 1.Click the Role dropdown.
- 2.On the role panel, click Delete.
The following table compares the available workspace actions for each workspace role:
| Viewer | Auditor | Editor | Owner |
View Schema and Applied Generators | ✓ | ✓ | ✓ | ✓ |
View Subset Configuration | ✓ | ✓ | ✓ | ✓ |
View Privacy Hub Audit Trail | ✓ | ✓ | ✓ | ✓ |
View Schema Change Warnings | ✓ | ✓ | ✓ | ✓ |
View Data | | ✓ | ✓ | ✓ |
View Privacy Hub Unprotected Columns | | ✓ | ✓ | ✓ |
Download Privacy Report | | ✓ | ✓ | ✓ |
Edit Applied Generators | | | ✓ | ✓ |
Edit Subset Configuration | | | ✓ | ✓ |
Resolve Schema Change Warnings | | | ✓ | ✓ |
Import/Export Workspaces | | | ✓ | ✓ |
Share Workspaces | | | ✓ | ✓ |
Run Privacy Scan | | | ✓ | ✓ |
Generate Data | | | ✓ | ✓ |
View Connection Information | | | ✓ | ✓ |
Edit Connection Information | | | | ✓ |
Copy Workspace | | | | ✓ |
Rename Workspace | | | | ✓ |
Delete Workspace | | | | ✓ |