Roles (deprecated)

Deprecated, see Access Control

Overview

Users and Access Tokens can be assigned to different roles that come with different sets of permissions.

Roles

Users and Access Tokens can be assigned to the following roles:

  • Admin
  • Editor
  • Viewer

The API role is a legacy role that could be assigned to Access Tokens but that is no longer available for new Access Tokens. Existing tokens with the API role however still function.

Permissions

Each role comes with a given set of permissions on the various Sifflet objects. Unless specified, below matrix applies regardless of how you are trying to access the information (UI, API, CLI, etc.).

ScopeAdminEditorViewer
INTEGRATIONS
Secrets management (create, edit, delete)
Integrations management (create, edit, delete, trigger run)
Submit dbt metadata files and trigger the related datasource refresh (API only)
Create declarative pipeline & edge lineage (API only)
DATA CATALOG
Data catalog search
Data assets (read)
Data assets (edit - manual or through AI suggestions)
Preview data
MONITORS
Monitors (read)(overview, runs, details)
Show failing rows
Datapoint qualification on monitors' runs
Monitors (create, edit, delete, trigger run)
INCIDENTS
Incidents management (assignment, closing)
SETTINGS
Business Glossary (read)
Business Glossary (create, edit, delete)
Tags (read)
Tags (create, edit, delete)
Domains (read, create, edit, delete)
Users (read, create, edit, delete)
Access Tokens (read, create, delete)
SSO (read, create, edit, delete)
Alert Destinations (read, create, edit, delete)