Column level security

Column Level Security allows admins to control the granularity of shared data across dashboards.

Note: Column Level Security applies only to Dashboard and Visualizer views. We recommend preventing secured users from accessing Designer. Data is hidden based on the security setting and what information the user has access to through their Custom Subject Area (CSA).

Column Level Security has the following three security levels:

Display all columns in a report
This is the default. It displays all columns in a report even if the user does not have the column in their CSA.
Hide only secure columns in a report
This setting hides any columns in a report the user does not have access to in their CSA. The user only sees the columns they have access to through their CSA.
Note: This setting only applies to Dashboards and Visualizer. When attempting to access reports containing secure columns through Designer, the report does not open.
Hide entire report containing secure columns
If a report contains any columns that are not listed in a user's CSA, the entire report is hidden from the user.

If Hide only secure columns in a report is enabled for a space, the following security settings are enforced:

  • If then dashlet can still render after removing secured columns for a given user, Birst displays the report with only columns the user has access to.
  • If a secured column is used to sort a report, it is removed from the query run to return results for a user that does not have access to the column. This could lead to a different result set being returned for secured users when compared to the result set obtained by non-secured users.
  • Users cannot open reports in Designer that contain columns they do not have access to.
  • SavedExpressions is secured if at least one of the objects contained in its expression definition is secured.
  • In some scenarios, this message displays: "This chart cannot be visualized as its definition requires columns that are not accessible in the current security settings." This can happen when:
    • The dashlet is being filtered with at least one secured column.
    • The dashlet can no longer be rendered with only the columns the user has access to.
  • Column selectors can be used as fallback columns in place of secured columns in a report. If a secured column has column selectors enabled with columns the user has access to, Birst supplies a selected column in place of the secured column.

For example, a user who has access to the columns for Patient City, Margin, and Paid Amount would see all three in a report.

A user who does not have access to the Paid Amount column would only see the Patient City and Margin columns in the report.

A user who does not have access to the necessary columns would see a message saying This chart cannot be visualized as its definition requires columns that are not accessible in the current security settings.

Related topics
  • Creating Column Selectors