Search…
⌃K
Links

Assigning workspace roles to other users

Every workspace has a single owner. The workspace owner has complete control over the workspace.
Other users can be assigned a role that allows them to view and to edit the workspace configuration.
If your instance uses single sign-on (SSO), then you can assign roles to groups as well as to individual users. Single sign-on requires an Enterprise tier license.

Available roles

In addition to the workspace owner, Tonic supports the following workspace roles:
  • Editor - An editor can view and update nearly every aspect of a workspace. They cannot rename or delete the workspace, change the connection information, or copy the workspace.
  • Auditor - Only available to customers that have an Enterprise tier license. An auditor can view the workspace configuration, but cannot make any changes at all to it.
  • Viewer - Only available to customers that have an Enterprise tier license. Similar to an auditor, a viewer can view but not edit the workspace configuration. However, they are further restricted in that they cannot:
    • View any of the data
    • View the list of sensitive columns that are not protected
    • Download the Privacy Report
For a comparison of the available workspace actions for all of the roles, see Allowed actions for each role.

Assigning roles to other users or groups

Workspace owners and editors can use the workspace sharing option to assign roles for their workspaces.
Admin users can use the workspace sharing option to assign roles for any workspace.
If you use SSO, then workspace owners and editors can assign roles to groups.
To share access to workspaces:
  1. 1.
    To share access to a single workspace, select the share workspace option. Either:
    • If the workspace is currently selected, in the top toolbar, click the share workspace icon (
      ).
    • On the Workspaces view, click the actions menu for the workspace, then select Share.
  2. 2.
    To share access for multiple workspaces:
    1. 1.
      Check the checkbox for each workspace to grant access to.
    2. 2.
      From the Actions menu, select Share.
  3. 3.
    The workspace sharing panel contains the current list of users or groups that have access to the workspace. To add a user or group to the list of users or groups to add, from the dropdown list, select the user or group.
  4. 4.
    To select the role to assign to a user or group:
    1. 1.
      Click the Role dropdown for the user or group.
    2. 2.
      On the role panel, click the radio button of the role to assign.
  5. 5.
    Workspace owners and admin users can also transfer the ownership of the workspace. To transfer ownership to a user in the list:
    1. 1.
      Click the Role dropdown.
    2. 2.
      On the role panel, click Transfer ownership. See Transferring ownership of a workspace.
  6. 6.
    To revoke access to a workspace:
    1. 1.
      Click the Role dropdown.
    2. 2.
      On the role panel, click Delete.

Allowed actions for each role

The following table compares the available workspace actions for each workspace role:
Viewer
Auditor
Editor
Owner
View Schema and Applied Generators
View Subset Configuration
View Privacy Hub Audit Trail
View Schema Change Warnings
View Data
View Privacy Hub Unprotected Columns
Download Privacy Report
Edit Applied Generators
Edit Subset Configuration
Resolve Schema Change Warnings
Import/Export Workspaces
Share Workspaces
Run Privacy Scan
Generate Data
View Connection Information
Edit Connection Information
Copy Workspace
Rename Workspace
Delete Workspace