Role-Based Access Controls (RBAC)
Role-Based Access Controls help you manage your users within Sigma and ensure they have the proper permissions and abilities within the application. You can manage role-based access controls through a Sigma user’s account.
Accounts
Every user in Sigma is assigned a default account type upon creation or login. The standard account types include:
- Admin: Admins can administer system settings, users, teams, connections, integrations, and authentication through the Admin Portal. Admins have access to view and edit all documents in their organization.
- Creator: Creators have access to all modeling,workbook creation, and editing features, and can also build their analysis from data they have permission to access. Their access to underlying data sources is controlled by organization admins.
Viewer: Viewers only have access to view the documents they have been granted permissions to access. Their access is limited to a primarily view-only interface with a small set of interactions available. Viewers can interact with visible dashboard controls.
All of these account types come with some preset granular permissions assigned, but you are able change the defaults by clicking on an account type and selecting “Edit”.
You may also create your own custom account types by selecting “Create New Account Type” where you set the default permissions to fit your needs.
Based upon your selections, the user will be assigned a license type of Creator or Viewer.
Assigning Accounts
There are two main ways to assign accounts to users in Sigma, either through the UI itself, or it can be managed leveraging your Identity Provider (IDP) using protocols like SAML and SCIM.
If you are managing and inviting users to Sigma through the UI, you will be prompted to assign an account type when sending the invite. From the People tab in the admin section, you will select “Invite People.”
This will bring up a modal where you can then enter a user’s, or multiple user’s, emails. You’ll also be prompted to assign account types by user.
You have the flexibility to change the user account assignment by selecting them in the People section of the Admin Panel, and editing the Account section.
If you are leveraging SAML or SCIM to manage your users, you will be required to specify the Account Type within your Identity Provider as part of the user’s creation. You will still need to make sure that the Account Type has already been created and set up in Sigma before defining the user's account in the IDP.
If you’d like additional information about Sigma, access the Resources page on our home page for Interactive Demos, Sigma User Community, and Product FAQs.