A user’s permissions in a specific project are determined by their tenant level role and granted project roles. Project roles include admin, editor, and viewer.

Project roles also determine a user's inherited roles in the data products within a project.

Note: If you assign a user a role in a data product and they do not currently have a role for that project, the user can see the list of projects in the Project menu and access only the data product in which they were assigned a role.

In summary:

• Project admins have full access to all project resources.
• Project editors can view, add, and update most resources in that project, including sources and data products.
• Project viewers can view the 360 pages for all data products in that project. They access these pages from the Browse menu option. These users can see the data products in the project on the Configurations > Data Products page, but cannot open the data products from this page.
• Users without a project role cannot view any resources in the project unless they are assigned a role at the data product level.

The tables below provides more detail on the project role determined by a user's tenant role, and on the permissions allowed by each project role.

Project Roles Inherited from Tenant Role

A user’s tenant level role determines their default (inherited) project roles. Tenant admins can grant users additional roles and remove granted roles.

Project Role Permissions

The following table defines the actions allowed by each project role.