Create roles that control which menus, reports, datasources, and security tags your users can access. Edit roles as your team evolves, and delete roles that are no longer in use.
Before you begin
You need:
- The Account Admin role
How roles work in Datanyx. A role is a bundle of permissions that controls what a user can do. Each role can grant access to specific menu items, datasources, datasets, fields, reports, and security tags. Users can hold multiple roles — if any of them grants access, the user gets that access. Roles are created and edited by Account Admins and then assigned to users from User Management.
Create a role
Step 1. Open Role Management
From the main navigation, click Admin, then open the Role Management tab.
Step 2. Start a new role
Click the plus icon in the bottom-right corner of the screen. A new role form opens.
Step 3. Fill in the role details
On the new role form, set the following:
- Role name — a descriptive name that reflects what this role is for (e.g., Regional Sales Analyst rather than Role 1)
- Menu level access — which top-level menus users with this role can see and use
- Grant roles access — which other Account Admins are allowed to see and manage this role in their own Role Management list. See the callout below for how this works in practice.
- Grant reports access — which pre-existing reports users with this role can view
Step 4. Save the role
Click Save. The new role appears in the Role Management list, ready to be assigned to users.
How Grant roles access and Grant organization work. These two settings control which other Account Admins can see and manage this role in their own Role Management list — they’re about admin-to-admin visibility, not about the role’s own users. Example: User A (Account Admin) creates role “X” and grants role access during creation. User A then assigns role “X” to User B (also an Account Admin). User B now sees role “X” in their Role Management list and can edit or delete it. Without the grant, User B wouldn’t see “X” at all, even though they’re an Account Admin. Grant organization works the same way across multiple organizations.
You can always edit a role later. The fields you set now aren’t locked. If you realize later that the role needs more or less access, come back and adjust it — changes apply to everyone already holding that role.
Edit a role
The Role Management tab has two setting icons per role: Edit and Delete. Edit opens a role in a two-tabbed editor — Menu Access and Advanced — each covering a different dimension of permissions.
Step 1. Open the role in the editor
In Admin → Role Management, find the role you want to edit. Under Settings, click the Edit icon. The role editor opens on the Menu Access tab by default.
Menu Access tab
The Menu Access tab controls what users with this role can see in the Datanyx interface, plus two admin-scoped visibility settings.
From this tab you can:
- Assign menu-level access — tick the menu items this role should see (e.g., Design, Library, Dashboard, Admin)
- Grant roles access — control which other Account Admins can see and manage this role in their own Role Management list (see the callout in the Create section for a worked example)
- Grant reports access — give this role view access to specific reports that already exist
- Grant organizational access — in workspaces with multiple organizations, control which Account Admins can see and manage this role across organizations. Works the same way as Grant roles access, but scoped to organizations.
When you’re done, click Save.
Advanced tab
The Advanced tab controls data-level access — what this role can see inside the data itself, not just which menus it can open.
From this tab you can:
- Share datasources — select or de-select which datasources are available to this role. Users without the datasource in their role can’t build reports or workflows against it.
- Restrict dataset access — within a shared datasource, limit this role to specific datasets only
- Restrict field access — within a shared dataset, hide specific columns or fields from this role
- Configure data-level access — apply row-level rules so this role only sees records matching a given condition (for example, only records for a specific region)
Click Save to apply the changes.
Menu Access vs Advanced. Menu Access answers “what screens can they reach?” — Advanced answers “what data can they see?” A role might be able to open the Dashboard menu (Menu Access) but only see charts built on datasources permitted in Advanced. Both work together.
Delete a role
Step 1. Find the role
In Admin → Role Management, locate the role you want to remove.
Step 2. Click the Delete icon
Under Settings, click the Delete icon. A warning pop-up appears.
Step 3. Confirm the deletion
Click OK to confirm. The role is removed. Users who held only this role will lose the access it granted — reassign them to a different role if they still need access.
Deletion doesn’t delete users. Deleting a role removes the role itself, not the users who held it. Those users keep any other roles they were already assigned, and their accounts stay active.
Find a role quickly
When the role list grows, use the search bar at the top of the Role Management tab. Type any part of the role name to filter the list in real time. You can also paginate through the full list using the page controls at the bottom.
Troubleshooting
- A user says they can’t see a menu I granted them access to. Check that Menu Access is correctly set on every role the user holds, and ask them to sign out and back in — access changes sometimes only apply on the next login or upon hard refresh of the page.
- A user with the correct role still can’t see a datasource. Menu Access grants the menus; Advanced grants the data. Open the role’s Advanced tab and confirm the datasource is ticked.
- I deleted a role by mistake. Role deletion is immediate and permanent. Create a new role with the same name and permissions, then reassign it to the affected users from User Management.
Related
- How to create a user
- How to assign a role to a user
- How to configure data-level access rules
- Roles and permissions (Product docs)