User Roles and Permissions

Your user role and permissions determine your access to resources and functionality.

The combination of your user role and permissions for shared resources determine your access to resources and functionality in Tamr Cloud. Resources include data products, tasks, and publish destinations, as well as connections to external data repositories and source datasets.

Your role determines the functionality you can access by default and your ability to create new resources.

Your permissions for resources shared with you determine the actions you can perform on those resources, regardless of your role.

User Roles

Each user is assigned a role: admin, author, or data citizen. These roles determine the functionality that the user can access by default. A user's role also determines whether they can add new:

  • Connections to external data repositories
  • Source datasets
  • Destinations for published data product datasets
    Note: Applicable only for legacy data products. For data products created with the newest versions of the B2B Customers, Healthcare Providers, or Contacts data products, all users on the tenant have full admin permissions for publish configuration.
  • Data products
    Note: Applicable only for legacy data products. For data products created with the newest versions of the B2B Customers, Healthcare Providers, or Contacts data products, all users on the tenant have full admin permissions for the data product.
Role Description
Admin Admins have full access to Tamr Cloud.

Admins can:
  • Manage all user accounts (Users)
  • Schedule recurring jobs (Scheduler)
Admins can add new resources, and can fully manage all resources in the system, including:
  • Data products
  • Connections to external data repositories
  • Source datasets
  • Destinations for published datasets
  • Tasks
Author Authors can add new resources, including:
  • Data products
  • Connections to external data repositories
  • Source datasets
  • Destinations for published datasets
  • Tasks
Authors have full access to all configured connections and source datasets.

Authors have full access to any data products that they add. Their access to data products added by other users depends on whether those resources are shared with them, and their permission level for those resources.

Authors can also monitor all jobs from Menu > Jobs.
Data Citizens Data citizens have access only to the data products that are shared with them.

They cannot add new data products, sources, or connections.

By default, they cannot add publishing destinations.

Permissions for Shared Data Products

Note: Applicable only for legacy data products. For data products created with the newest versions of the B2B Customers, Healthcare Providers, or Contacts data products, all users on the tenant have full admin permissions for data products; sharing is not available.

You can share data products with other users. When you share a data product with another user, you select the user's permissions for that data product.

You can give other users permissions at your permission level or lower. For example:

  • If you have editor permissions for a data product, you can give others editor, curator, publisher, or viewer permissions for that data product.
  • If you have publisher permissions for a data product, you can give others publisher or viewer permissions for that data product.

Data Product Permissions

Share a data product from the Home page. See Managing a Data Product.

You select from five permission levels when sharing a data product, as described in the table below.

Data product ownership cannot be changed through permissions.

Data Product PermissionsViewerPublisherCuratorEditorOwner
Admin
Publish DatasetsNoYesYesYesYes
Curate DataNoNoYesYesYes
View, Edit, and Run FlowNoNoNoYesYes
Save a CopyNoNoNoYesYes
DeleteNoNoNoNoYes
Share OptionsViewerViewer
Publisher
Viewer
Publisher
Curator
Viewer
Publisher
Curator
Editor
Viewer
Publisher
Curator
Editor

Permissions for Connections

Admins and authors can fully manage all connections, including: adding, editing, and deleting connections to external data repositories.

Data citizens do not have access to the Connections feature and cannot add or manage connections.

Permissions Source Datasets

Admins and authors can fully manage all data sources, including:

  • Adding, editing, and deleting source datasets stored in configured connections.
  • Using any source datasets as data product input.

If a data citizen has editor permission for a data product, they can add any existing source dataset as input to the flow.

Permissions for Publishing Destinations

Note: Applicable only for legacy data products. For data products created with the newest versions of the B2B Customers, Healthcare Providers, or Contacts data products, all users on the tenant have full admin permissions for publish configuration.

Admins can fully manage all publishing destinations, including:

  • Adding, editing, and deleting published destinations in all data products.
  • Publishing to any configured destination.

Authors can fully manage all publishing destinations for data products they own, including:

  • Adding, editing, and deleting published destinations in those data products.
  • Publishing to any configured destination for those data products.

If an author or data citizen has publisher or greater permissions for a data product, they can:

  • Add publishing destinations to that data product.
  • Publish to any configured destination for that data product.

Permissions for Tasks

Admins can create, edit, resolve, and delete tasks. Authors can create tasks, edit tasks they created, resolve tasks when assigned, and delete tasks they created. Data citizens can create tasks and edit tasks they created.

Authors and data citizens cannot create or edit tasks in data products they do not have access to.

Permissions for tasks in a data product:

RoleCreateEditResolveDelete
OwnerYesYesYesYes
EditorYesYesYesYes
CuratorYesYes, when creatorYes, when assignedYes, when creator
PublisherYesYes, when creatorNoNo
ViewerYesYes, when creatorNoNo