Role-based Access Controls

RBAC provides peace of mind, ensuring only those with appropriate permissions can access sensitive user information or take potentially destructive actions with Census Syncs or Census configuration.

Organization Administrators

Members of a Census organization may be promoted to Administrators, which will give them Owner permissions in all Workspaces and the ability to manage billing, and Organization level settings.

Users who are not an admin are simply Members of the organization. Members must be added to each workspace individually.

Workspaces and Roles

Each member of a workspace has a role within each (and their roles can vary across workspaces).

• Owner – This gives access to everything within the workspace, including managing warehouse & destination connections, API keys, and adding/removing users. Organization Admins have all the same permissions as Owners within a workspace.

• Editor – This role allows users to create datasets, segments, and syncs, but does not give the ability to create or manage connections

• Operator – The Operator Role is a special role within Census. It fits between the Editor and Viewer permissions, allowing members with this role to primarily work with Segments. Operators are able to create and edit segments, as well as manage syncing datasets and segments. They won't be able create new datasets, or modify any existing connections details.

• Viewer - The read-only viewer on Census. They can view syncs and segments, and approved models, but cannot modify or take any action within Census.

Custom Roles

You can also create custom roles by combining the required set of fine-grained permissions into a role that is then assignable to users in any workspace. Custom roles give you the ability to create narrow roles for specific use cases such as connection administration or data definition.

To create a new custom role,

1. Click on the Workspaces selector at the top of the left navigation and click Organization Home.

2. Click on the Roles tab.

3. Click + New Role

4. Give your New Role a name.

5. You may also optionally pick an existing role to use as a starting point. Note that once your new role is created, there's no lasting association with this role, this is purely to save yourself some clicks setting up your new role.

6. Select the combination of permissions your new role needs and then click Save.

You can also manage the permissions of existing roles here. Modifying the permissions of an existing will take effect immediately on any user assigned to that role (though they may need to refresh their browser session to see it in the Census UI, it will be enforced immediately if they try to take a now blocked action).

Available Permissions

Custom roles are a collection of permissions granted to the user within that workspace. They are organized as follows:

• Subject - The type of resource (or group of related resources) that the set of permissions apply to, such as a connection, sync or dataset.

• Permission - The specific allowed type of action that can be taken on the subject.

Disabling Data Previews

Census provides sample data when working with models, segments, and syncs to help users understand their data sets, as well as what's being synced. Some organizations may prefer to restrict the ability to preview data to specific tools.

In this case, you can choose to disable the ability to preview data in Census on a per workspace basis. To disable data previews in Census, reach out to your success manager or send an email to Census Support.