User Role Assignment by Tenant ID

Reltio platform enables you to assign tenant-specific user roles in Metadata Security.

Metadata security allows you to restrict access to your tenant data. You can use metadata security to define the types of entity and relation a user can access. You can also use a filter to restrict access to a subset of entities or relations.

Previously, it was not possible to use the same role names and definitions across tenants and grant users different rights for different tenants. In other words, you had to use different role names for different tenants.

Now, you can reuse the same role names and definitions across tenants. For example, you can assign a developer full access to a development tenant and read-only access to test and production tenants.

Note: Metadata security is not compatible with Analytics attributes. You cannot apply the Metadata security rules to analytics attributes.

Benefits

This enhancement provides the following benefits:
  • You can use the same role names and definitions across multiple tenants. This allows you to develop a new role definition in a development environment and then promote it to test and production environments without change. In the example given above, the definitions of ROLE_READONLY and ROLE_FULLACCESS roles are identical in all the three tenants. Previously, different role names had to be used, such as, ROLE_DEV_READONLY, ROLE_TEST_READONLY, ROLE_PROD_READONLY, ROLE_DEV_FULLACCESS, ROLE_TEST_FULLACCESS, and ROLE_PROD_FULLACCESS.
  • You can assign a user different roles for different tenants. For example, you can assign ROLE_FULLACCESS role to a development tenant and ROLE_READONLY role to test and production tenants.

Feature Enablement

To enable this feature, you must submit a Support ticket and request that the enableTenantPerRoleSecurity property is set to true in your tenant’s physical configuration. This property is set to false by default.