Skip to main content

Roles

The Roles feature in SEI is the foundation of security and access control. Roles determine what users can see and do across the platform, including whether they can build, edit, or administer content, or only view existing data and reports. With well-defined roles, you can ensure users have the right level of access for their responsibilities—supporting both governance and productivity.

There are two types of roles:

RoleDescription
GeneralGrant or restrict access to platform-wide features, such as administrative actions, template management, or global configuration.
Data ModelControl permissions for specific data models, such as whether a user can create, edit, or view data, or perform calculations and exports.

Best practices

Follow these best practices to establish a robust permissions system that aligns with your organization’s security policies and enhances the user experience in SEI.

  • Renew and update roles regularly – Revisit role configurations as your organization grows or new features are introduced to ensure security requirements and business needs are met.
  • Track permission changes – Maintain a log of all role permission changes to support audits, troubleshooting, and access reviews.mission changes: Maintain a log of all changes to role permissions. This can help with audits, troubleshooting, and understanding access history.
  • Test role setups with non-production accounts – Assign roles to test accounts first and validate that users only have access to what is intended.
  • Limit administrative privileges – Assign the Security role only to trusted administrators or super-users to minimize risk.
  • Document your role and permission strategy – Write clear documentation outlining which permissions each role should have for governance, future reviews, and onboarding new admins.

Add a role

  1. From the navigation panel, click the gear icon at the bottom. The Administration page opens.
  2. Select Security, then Roles.
  3. In the Manage dropdown, select whether General Roles or Data Model Roles.
  4. Click New.
  5. Enter a name and description.
  6. Click Create.
    The new role is added to the list.

Assign permissions

  1. In the Manage dropdown, select whether General Roles or Data Model Roles.
  2. Select an existing role from the list.
  3. Assign the appropriate permissions for general or data model roles.
  4. Click Apply Changes to save, or Undo changes to discard.