🎉 Get early access! Read more →
Docs
Access control

Access control

Manage who can access your organization, space and assets.

Overview

Y42 enables detailed control over data assets and operations using a hierarchical role-based access control system that is integrated throughout the platform.

To understand access control in Y42, this general summary of relevant concepts may be helpful:

  • Subject: typically a user, sometimes also an API token that is used to access Y42 programmatically. Users can be grouped into teams as well, and a team can be managed like a single subject.

  • Role: roles are held by subjects, relative to resources. For example, the user "John Doe" can hold the "owner" role relative on the "ACME" organization.

  • Resource: can be any object inside Y42, like an integration, a table, a job, but also containers like the whole of the integrations module or even a space or an organization.

  • Resource Hierarchy: Resources can be "parents" of other resources.

    • An organization is the parent of all spaces inside that organization

    • The integrations module is the parent of each specific integration, the models module contains every UI-Model and SQL Model, etc.

    • An integration or model is the parent of each output table contained in it (usually 1 table, but UI models can have multiple output tables)