Access and permissions

To access Data Browser in your tenant’s workspace, you need — besides access to the tenant itself — the corresponding roles to work with Data Browser.

Your tenant manager can grant you access and permissions, also for technical clients (technical users). As a tenant manager, handle user management with the Multitenant Access Control portal.

Available default roles for Data Browser:

Data Browser Viewer – this role allows you to view the user interface of Data Browser and the data available to your tenant and to perform some read-only SQL Lab operations.
Data Browser Editor – this role allows you to edit the data available to your tenant, along with all the operations provided to the Viewer role. Bear in mind that the Editor role does not include all permissions from the Viewer role. For visibility in the Workspace, the Viewer role is needed additionally.

As a developer, note that the URN (included in the token) for a role gets constructed as follows:

urn:macma-application-role:<tenant-id>:<client-id>:<role-key>

The placeholders mean:

<tenant-id> — Your tenant ID.
<client-id> — Part of the credentials for your technical client. The client credentials were created when the corresponding module was created. See also Modules: Grant access for technical clients.
<role-key> — Is indicated for each role in the role overview.