Roles (deprecated)

Deprecated, see Access Control


Users and Access Tokens can be assigned to different roles that come with different sets of permissions.


Users and Access Tokens can be assigned to the following roles:

  • Admin
  • Editor
  • Viewer

The API role is a legacy role that could be assigned to Access Tokens but that is no longer available for new Access Tokens. Existing tokens with the API role however still function.


Each role comes with a given set of permissions on the various Sifflet objects. Unless specified, below matrix applies regardless of how you are trying to access the information (UI, API, CLI, etc.).

Secrets management (create, edit, delete)
Integrations management (create, edit, delete, trigger run)
Submit dbt metadata files and trigger the related datasource refresh (API only)
Create declarative pipeline & edge lineage (API only)
Data catalog search
Data assets (read)
Data assets (edit - manual or through AI suggestions)
Preview data
Monitors (read)(overview, runs, details)
Show failing rows
Datapoint qualification on monitors' runs
Monitors (create, edit, delete, trigger run)
Incidents management (assignment, closing)
Business Glossary (read)
Business Glossary (create, edit, delete)
Tags (read)
Tags (create, edit, delete)
Domains (read, create, edit, delete)
Users (read, create, edit, delete)
Access Tokens (read, create, delete)
SSO (read, create, edit, delete)
Alert Destinations (read, create, edit, delete)