Basic and Security Roles Guideline
Use these guidelines to configure roles in a way that ensures appropriate access to features, protects sensitive data, and supports your organization’s governance model. This topic builds on the general role setup described in the Roles topic by offering best practices and examples for assigning permissions to the predefined Basic and Security roles.
Because role assignments and permissions contain sensitive information, only authorized personnel should view or modify these settings.
| Role | Description |
|---|---|
| Basic | Assign to users who access existing reports, dashboards, and views, and who may create their own versions. This role should not allow system-wide changes or administrative privileges. |
| Security | Assign to administrators or super-users who manage data models, OLAP cubes, governance rules, distribution jobs, and environment configurations. |
tip
Assign each role to a test account and verify that the permissions support only the expected tasks, without exposing unnecessary features.
Configure the basic and security roles
- From the navigation panel, click the gear icon at the bottom. The Administration page opens.
- Select Security, then Roles.
- In the Manage dropdown, select whether general roles or data model roles.
- Select the Security or Basic role. A list of permissions appears below.
- Select the recommended permissions for general roles or data model roles.
General Roles recommended permissions
Administration
| Permission | Basic | Security |
|---|---|---|
| Manage Security | ✔ | |
| Manage Global Parameters | ✔ | |
| Manage Global Variables | ✔ | |
| Manage Distribution | ✔ | |
| Manage External Locations | ✔ | |
| Manage Global Scripts | ✔ | |
| Manage Application Links | ✔ | |
| Manage Global Selection Pages | ✔ | |
| Manage License Information | ✔ | |
| Manage Dictionnary | ✔ | |
| Languages | ✔ | |
| Manage Excel Publish | ✔ | |
| OLAP Manager | ✔ | |
| Create Installation Template | ✔ | |
| Manage Installation Template | ✔ | |
| Import Template | ✔ | |
| Manage Data Warehouse | ✔ | |
| Manage Reporting Trees | ✔ |
Command Center
| Permission | Basic | Security |
|---|---|---|
| Organize Command Center Data Models | ✔ | |
| Organize Command Center Views | ✔ | ✔ |
| Create Data Model | ✔ |
Folder
| Permission | Basic | Security |
|---|---|---|
| Create | ✔ | ✔ |
| Rename | ✔ | ✔ |
| Delete | ✔ | ✔ |
Dashboard
| Permission | Basic | Security |
|---|---|---|
| Rename | ✔ | ✔ |
| Change Publish for | ✔ | ✔ |
| Change Owner | ✔ | ✔ |
| Lock or Unlock | ✔ | ✔ |
| Open | ✔ | ✔ |
| Create | ✔ | ✔ |
| Design | ✔ | ✔ |
| Save As | ✔ | ✔ |
| Delete | ✔ | ✔ |
| Subscribe tp Distribution | ✔ | ✔ |
| Add other emails in To, CC and Bcc | ✔ | |
| Send Comment | ✔ | ✔ |
| Export | ✔ | ✔ |
| ✔ | ✔ | |
| Use Filtering Function | ✔ | ✔ |
| Remove Filters | ✔ | ✔ |
Reports
| Permission | Basic | Security |
|---|---|---|
| Rename | ✔ | ✔ |
| Change Publish for | ✔ | ✔ |
| Change Owner | ✔ | ✔ |
| Lock or Unlock | ✔ | ✔ |
| Open | ✔ | ✔ |
| Create | ✔ | ✔ |
| Design | ✔ | ✔ |
| Save As | ✔ | ✔ |
| Delete | ✔ | ✔ |
| Subscribe tp Distribution | ✔ | ✔ |
| Add other emails in To, CC and Bcc | ✔ | |
| Send Comment | ✔ | ✔ |
| Export | ✔ | ✔ |
| ✔ | ✔ | |
| Use Filtering Function | ✔ | ✔ |
Excel Add-in
| Permission | Basic | Security |
|---|---|---|
| Formula wizard | ✔ | |
| Formula drill-down | ✔ | |
| Data Entry | ✔ | |
| Link to formula | ✔ | |
| Pivot Table | ✔ | |
| Pivot Table Refresh | ✔ | |
| Duplicator | ✔ | |
| Data Extraction | ✔ | |
| Data Extraction Refresh | ✔ | |
| Prompt | ✔ | |
| Quick Prompt | ✔ | |
| Create Static Copy | ✔ | |
| References Configuration | ✔ | |
| Chanbge Password | ✔ | |
| Open View | ✔ | |
| Refresh Formulas | ✔ | |
| Data Model Configurations | ✔ | |
| Environment Configurations | ✔ | |
| Reporting Tree Selector | ✔ | |
| Reporting Tree Node Selector | ✔ | |
| Reporting Tree Duplicator | ✔ |
Workbook
| Permission | Basic | Security |
|---|---|---|
| Copy Folder | ✔ | ✔ |
| Rename | ✔ | ✔ |
| Create | ✔ | ✔ |
| Save As | ✔ | ✔ |
| Delete | ✔ | ✔ |
| Ribbon | ✔ | ✔ |
OLAP Manager
| Permission | Basic | Security |
|---|---|---|
| Add and Save Cube | ✔ | |
| Copy and Delete Cube | ✔ | |
| Navigation | ✔ | |
| Build | ✔ | |
| Load All | ✔ | |
| Refresh | ✔ |
Data Model Roles recommended permissions
Data Model
| Permission | Basic | Security |
|---|---|---|
| Design | ✔ | |
| Copy Data Model | ✔ | |
| Overwrite Data Model | ✔ | |
| Manage Selection Page | ✔ | |
| Manage Data Model Parameters | ✔ | |
| Manage Stored Procedures | ✔ | |
| Translate Data Model | ✔ | |
| Manage Info Pages | ✔ | |
| Execute Info Pages | ✔ | ✔ |
| Create Documentation | ✔ | |
| View Documentation | ✔ | ✔ |
| Rename | ✔ | |
| Delete | ✔ |
View
| Permission | Basic | Security |
|---|---|---|
| Rename | ✔ | ✔ |
| Change Publish for | ✔ | ✔ |
| Change Owner | ✔ | ✔ |
| Lock or Unlock | ✔ | ✔ |
| Edit Prompt Selection on Open | ✔ | ✔ |
| Open | ✔ | ✔ |
| Save | ✔ | ✔ |
| Create | ✔ | ✔ |
| Save As | ✔ | ✔ |
| Delete | ✔ | ✔ |
| Subscribe to Distribution | ✔ | ✔ |
| Add other emails in To, CC and Bcc | ✔ | |
| Send Comment | ✔ | ✔ |
| Export | ✔ | ✔ |
| ✔ | ✔ | |
| Use Data Entry | ✔ | ✔ |
Calculated Column
| Permission | Basic | Security |
|---|---|---|
| Create | ✔ | ✔ |
| Edit | ✔ | ✔ |
| Delete | ✔ | ✔ |
Filter
| Permission | Basic | Security |
|---|---|---|
| Create | ✔ | ✔ |
| Save | ✔ | ✔ |
| Rename | ✔ | ✔ |
| Change Publish for | ✔ | ✔ |
| Change Owner | ✔ | ✔ |
| Lock or Unlock View | ✔ | ✔ |
| Apply Predefined Filters | ✔ | ✔ |
| Delete Predefined Filters | ✔ | ✔ |
| Use Filtering Function | ✔ | ✔ |
| Edit Advanced Filter | ✔ | |
| Remove Filters | ✔ |