Admin Roles in Zoomdata
The Zoomdata Server provides different user roles to help the Zoomdata Administrator manage access, security and accounts (as shown in Figure 1).
By default, the installation of the Zoomdata Server creates two administrative roles - ' supervisor ' and 'admin'. The Zoomdata Administrator uses these two roles to set up the Zoomdata account and enable security features. In addition to these two administrative roles, Zoomdata provides two distinct user roles - 'user' and 'groups only'. These two user roles help the Zoomdata Administrator manage access rights to the data sources and charts that can be accessed, created and shared.
After the Zoomdata Server has been installed and deployed in your operating environment, the Zoomdata Administrator accesses the application from a websocket-supported web browser (refer to the article System Requirements for details). Upon initial access, Zoomdata prompts you to change the passwords for the two default administrative roles (as shown in Figure 2).
The Admin Role
After you have changed the passwords, you access Zoomdata as an admin. In this role, you can take the following actions (see Figure 3 for the menu options):
- Connect to data sources
- Use the chart studio to create custom charts
- Set up users and groups to manage access to data sources and charts
- Access the console
The Supervisor Role
To change to the supervisor role, log out of Zoomdata and log back in as the supervisor (as shown in Figure 4). Your Zoomdata installation (whether stand-alone or scale-out) provides for one supervisor role. This role is permanent and cannot be deleted.
The supervisor role lets you access and manage account-level functions (as shown in Figure 5) including:
- Managing users
- Managing accounts and changing the supervisor password
- Customizing the Zoomdata user interface
- Configuring security settings including SAML and LDAP
- Managing connector services: adding, editing, and deleting the connector servers and connection types
- Managing feature toggles that are available (including Beta features that are in the Early Access Program)
By default, Zoomdata creates the supervisor role in the 'superaccount', which is a dedicated and permanent account that cannot be deleted. The 'superaccount' does not have access to any data sources nor can it connect to data sources. Its sole purpose is to provide the Zoomdata Administrator with account-level access to the program. However, if you select a different account to administer, then 'admin' level functions becomes available (as shown in Figure 6).
At this point, you can perform all of the admin-level functions as if you were logged in as an 'admin'.
The Zoomdata Administrator can assign two types of users roles in Zoomdata:
- User : has access rights to create charts using existing data sources and (shared) dashboards
- Groups Only : users assigned into group(s) receives different access and editing rights to the data sources depending on the parameters enabled at the group level
The User Role
The User role can view all existing data sources and (shared) dashboards. This role does not provide any editing or management rights to the data sources nor does it allow new data connections to be made. Users can create and explore charts and dashboards, save these visuals, as well as share them based on existing data sources (see Figure 7).
The Groups Only Role
When a number of Zoomdata users need access to the same data sources or require the same access restrictions (such as a sales team or business dev group), the Zoomdata Administrator can assign them to a group (as shown in Figure 8). Users assigned into a group inherit the specified group permissions set up by the administrator. This role lets administrators manage users' access to data sources down to the attributes and metrics level. A user can be assigned to multiple groups.
Administrators can set access privileges for the users in the group either at a global level (as shown in Figure 9) or manually configured by data source (as shown in Figure 10).
Figure 9 shows the global access options available for the group including the rights to read, edit and delete all existing data sources. An administrator can either enable these rights (by selecting the checkboxes) or disable them.
Figure 10 shows the manual configuration options available to manage a group's access to data sources down to the attributes and metrics level. A group may be able to access all details with a data source, or the administrator can set a filter so that only specific columns or rows are accessible.
- By default, a group has read privileges to all existing data sources.
- Access the topic Users and Groups for detailed guidance on manually configuring a group's access to data sources.
Besides the management of data sources, additional group privileges can also be set via the Privileges tab (as shown in Figure 11). These mainly have to do with the toggle of specific functions available to users in Zoomdata including the ability to:
- Connect Zoomdata to new data sources
- Save and share charts and dashboards
- Save filters
- Work with calculations