Application roles

Application roles are used to provide permissions for the whole application: that is, for reports, dashboards, folders, and for OLAP data access.

To manage the permissions of dashboards and dashboard folders, you must have Administer permission on the application.

Users' access to applications is controlled through membership of roles. By default, role permissions on an application are inherited by the folders within it, and by the dashboards, reports, and folders that they contain. For example, if a role has Edit Dashboards permission on the application then all users within that role can edit every dashboard. You can manually add or remove permissions on a particular folder, dashboard, or report. In doing so, you break the inheritance from the application. Typically, you edit permissions on folders, not on individual dashboards or reports.

  • Use the Application Roles dashboard to create application roles and define their global permissions.

    Select Dashboards > User and Permission Management > Application Roles.

  • Use Application Studio to define role permissions for report folders.
  • Use Dashboards to define role permissions for dashboards and dashboard folders.
  • Use the Manage Permissions dashboard to set cube, element, and cell permissions in access cubes.

    Application roles are added to the _GROUP dimension of OLAP Access cubes.