Overview of Users and Groups in Zoomdata
User accounts are necessary in order to grant individuals access to the Zoomdata application. The authorized Zoomdata supervisor is responsible for setting up these user accounts, including assigning additional administrators (admins), as needed.
The Zoomdata client provides account management controls for admins to manage users and their access to data sources that are connected to Zoomdata. These account management controls offer a secured environment for an organization’s data sources. Zoomdata can connect to organization’s Active Directory (AD) using configured LDAP settings to more easily integrate with an existing operating environment. Admins can manually create users and groups and assign their permission level. Or users and groups may be provisioned via SAML single sign-on.
- For additional information and set up instructions for LDAP and Active Directory, as well as step-by-step instructions for creating users and groups, see Managing Access, Security, and Accounts .
- For instructions on automatic provisioning of users and groups via SAML, see Configuring Zoomdata to Support SAML
Authorization is the access level that a user has within the Zoomdata environment. Once a user is authenticated into Zoomdata, authorization is handled using roles and permissions. This approach defines specific capabilities that users can and cannot perform with the data sources in Zoomdata.
A role is a set of permissions that admins can assign to Zoomdata users. You can configure the authorization settings on the Users & Groups page (as shown in Figure 1).
Users & Groups
To manage users and groups within your account, click the icon, then select Users & Groups .
By default, the Users page shows the list of active users with access rights to Zoomdata. The administrator can add new users either manually or import an organization’s existing userbase (via LDAP or AD) and assign a role for each user. Zoomdata offers three different role types: Admin, User, and Groups Only. For more information, see Adding and Managing Users article.
The Users page contains the following elements:
|1||Users page||Manage users and their access to Zoomdata; add, delete, and edit their access as needed.|
|2||Search||Locate a user account.|
|3||New user button||
Add a new user.
For an LDAP or AD environment, the Import Users button will be available.
|4||Users list||All available users are listed here. Select a user to view the details or to delete.|
|5||Info tab||Create/edit user details.|
Fields for specifying and confirming the password for a new user.
|Require password change||Toggle option to either require a user to change the default password on first login or not.|
|7||Roles list||Define the user's role or disable a user account.|
|8||Custom Attributes tab||Store key values that set privileges for users' access to data sources.|
Admins can import users. Zoomdata supports both the Lightweight Directory Access Protocol (LDAP) and Active Directory. As a result, authorized users created and stored in these directories can be imported into Zoomdata. When you have configured this functionality, the Import Users button will be displayed on the Users page (as shown in Figure 3).
LDAP Setup (Supports Active Directory and OpenLDAP)
You can either import all users or select specific ones to add to Zoomdata. Select the users and click Import . The selected users are added to the Users list. For more information about configuring LDAP, see Lightweight Directory Access Protocol (LDAP) .
On the Groups page, you can add users to a group. Groups provide a way to manage users' access rights to data sources. For example, you can assign all members of the Sales team to one specific set of data sources and the Training team to different ones.
You have to create a group first and then add the users to it.
Click the Groups option. On the Groups page, all the available groups are listed. From this page, admins can:
- Delete or edit an existing group
- Create a new group
- Assign data sources and permission level for a group
- Edit (add or delete) the members in the group
- Grant specific privileges to a user group
The Groups page contains the following elements:
|1||Search||Locate a specific group.|
|2||New Group button||Add a new group.|
|3||Groups list||Select and show details or delete the group.|
|4||General page||Create/edit the group name and description.|
|5||Data Sources page||
Manage the access rights of the group to the data sources.
For more information about group access rights, see the Data Sources Page section below.
Manage users in the group.
For more information about managing users, see the Members Page section below.
Toggle permissions for the group to perform different actions.
For more information about managing users, see the Privileges Page section below.
Permission levels are maintained via 'Groups' and users are assigned into appropriate groups based upon specific criteria (or an organization’s for example, Human Resources may have different access and permission level than Engineering).
The Data Sources page enables the administrator to control access to the existing data sources.
You can select the required access level for the group:
Group has access to all data source(s)
- grant full access rights (read, edit, and delete) to existing sources.
- Manual Configuration - configure custom access rights to specific data source(s).
View a specific data source with force filters (charts show only specific rows from your data set)
- View (read) a specific data source
- Edit a data source
- Delete a data source
Manual configuration allows admins to set individual permission levels for each data source. This option provides the most flexibility to control access to data sources. Admins have the ability to control which data sources can be viewed, edited, and deleted by members in the group.
In addition, admins can set the attribute items that can be viewed or edited for each data source (called Force Filters). This functionality allows security to be managed at the attribute level, so that potentially confidential datasets within a data source can have permission levels set. As a result, a group would only be able to view limited information within a connected data source.
Members in this group are able to view and interact with charts and dashboards only for the data sources with which they have access rights.
Using the filter in the
, an admin can limit the visibility of the fields from your data source for the user group. By default, all the fields are available for the user group. Clear the checkmarks near the required items in the
dialog box to limit their availability for the group.
The Members page enables the administrator to assign users to groups. Members can be added or deleted at any time. The Members page works in conjunction with the Data Sources page to assign data sources and control the access to them.
To Add Users to a Group
- Click Add member(s) .
- In the Add Member(s) window, select the users, that you want to add to the new group from the list.
- Click Apply .
To remove a user from the group, click Delete next to the user's name. You can only delete members individually.
When you have made all the changes, click Save .
Admins can make changes on the Members tab as well as on the Data Sources page in any order, at any time.
The Privileges page enables the administrator to assign permissions globally, which applies to all members in the group.
The following options are available:
Can create new data sources
- select this option to allow users of the group to set up new source connections. Once the connection is established, members in the group can produce charts and dashboards. When a user creates a source, all the groups that user belongs to have read, write, and delete access to that source.
This option allows different departments or groups within an organization to manage their own data sources separate from other groups. For example, the business development team may have their own data sources that needs to be kept confidential.
Members of this group cannot access existing data sources if this is the only option enabled for the group.
- Can Manage Custom Charts (Chart Studio) - select this option to allow users of the group to access the Chart Studio to create custom charts. If this option is selected, the Chart Studio menu item is displayed under the Settings menu.
- Can Save Charts & Dashboards and Can Share Charts & Dashboards Externally - select these options to allow users of the group to save and/or share charts and dashboards that are created in Zoomdata. When these options are not selected, the action buttons will not be displayed in the user interface.
- Can Save Filters - select this option to allow users of the group to save (and share) filters created in charts and dashboards. When this option is not selected, the Save button will not appear in the user interface.
- Can Read Calculations - select this option to allow users of the group to use available calculations.
Can Edit Calculations - select this option to allow users of the group to add or edit calculations. When this option is not selected, the Calculations section and the Add calculation button will not appear in the user interface.
For step-by-step guidance to add users and groups, see: