Docs
Access control

Access control

Manage who can access your organization, space and assets.

Overview

Y42 enables detailed control over data assets and operations using a hierarchical role-based access control system that is integrated throughout the platform.

To understand access control in Y42, this general summary of relevant concepts may be helpful:

  • Subject: typically a user, sometimes also an API token that is used to access Y42 programmatically. Users can be grouped into¬†teams¬†as well, and a team can be managed like a single subject.

  • Role: roles are held by subjects, relative to resources. For example, the user "John Doe" can hold the "owner" role relative on the "ACME" organization.

  • Resource: can be any object inside Y42, like an integration, a table, a job, but also containers like the whole of the¬†integrations module¬†or even a¬†space¬†or an¬†organization.

  • Resource Hierarchy: Resources can be "parents" of other resources.

    • An organization is the parent of all spaces inside that organization

    • The¬†integrations¬†module is the parent of each¬†specific integration, the¬†models¬†module contains every¬†UI-Model¬†and¬†SQL Model, etc.

    • An integration or model is the parent of each¬†output table¬†contained in it (usually 1 table, but UI models can have multiple output tables)