Assigning workspace roles to other users
Every workspace has a single owner. The workspace owner has complete control over the workspace.
Other users can be assigned a role that allows them to view and to edit the workspace configuration.
If your instance uses single sign-on (SSO), then you can assign roles to groups as well as to individual users. Single sign-on requires an Enterprise tier license.
In addition to the workspace owner, Tonic supports the following workspace roles:
- Editor - An editor can view and update nearly every aspect of a workspace. They cannot rename or delete the workspace, change the connection information, or copy the workspace.
- Auditor - Only available to customers that have an Enterprise tier license. An auditor can view the workspace configuration, but cannot make any changes at all to it.
- Viewer - Only available to customers that have an Enterprise tier license. Similar to an auditor, a viewer can view but not edit the workspace configuration. However, they are further restricted in that they cannot:
- View any of the data
- View the list of sensitive columns that are not protected
- Download the Privacy Report
For a comparison of the available workspace actions for all of the roles, see Allowed actions for each role.
Workspace owners and editors can use the workspace sharing option to assign roles for their workspaces.
If you use SSO, then workspace owners and editors can assign roles to groups.
To share access to workspaces:
- 1.To share access to a single workspace, select the share workspace option. Either:
- If the workspace is currently selected, in the top toolbar, click the share workspace icon ().
- On the Workspaces view, click the actions menu for the workspace, then select Share.
- 2.To share access for multiple workspaces:
- 1.Check the checkbox for each workspace to grant access to.
- 2.From the Actions menu, select Share.
- 3.The workspace sharing panel contains the current list of users or groups that have access to the workspace. To add a user or group to the list of users or groups to add, from the dropdown list, select the user or group.
- 4.To select the role to assign to a user or group:
- 1.Click the Role dropdown for the user or group.
- 2.On the role panel, click the radio button of the role to assign.
- 5.Workspace owners and admin users can also transfer the ownership of the workspace. To transfer ownership to a user in the list:
- 1.Click the Role dropdown.
- 2.
- 6.To revoke access to a workspace:
- 1.Click the Role dropdown.
- 2.On the role panel, click Delete.
The following table compares the available workspace actions for each workspace role:
| Viewer | Auditor | Editor | Owner |
View Schema and Applied Generators | ✓ | ✓ | ✓ | ✓ |
View Subset Configuration | ✓ | ✓ | ✓ | ✓ |
View Privacy Hub Audit Trail | ✓ | ✓ | ✓ | ✓ |
View Schema Change Warnings | ✓ | ✓ | ✓ | ✓ |
View Data | | ✓ | ✓ | ✓ |
View Privacy Hub Unprotected Columns | | ✓ | ✓ | ✓ |
Download Privacy Report | | ✓ | ✓ | ✓ |
Edit Applied Generators | | | ✓ | ✓ |
Edit Subset Configuration | | | ✓ | ✓ |
Resolve Schema Change Warnings | | | ✓ | ✓ |
Import/Export Workspaces | | | ✓ | ✓ |
Share Workspaces | | | ✓ | ✓ |
Run Privacy Scan | | | ✓ | ✓ |
Generate Data | | | ✓ | ✓ |
View Connection Information | | | ✓ | ✓ |
Edit Connection Information | | | | ✓ |
Copy Workspace | | | | ✓ |
Rename Workspace | | | | ✓ |
Delete Workspace | | | | ✓ |