Help center Get started Knowledge center Product documentation API documentation
Product
Lens Weave Maskbits
Overview
Design
Project
Chart Designer
Visualization
Table Bar Chart Horizontal Bar Chart Stacked Bar Chart Horizontal Stacked Bar Chart Area Chart Line Chart Funnel Chart Pie Chart Donut Chart Waterfall Chart Radar Line Chart Numbered Card Semi Gauge Chart Radial Gauge Chart Linear Gauge Chart Financial Chart Full Gauge Chart Form View Pivot Table Box Plot Chart Geo Chart Tree List Tree Map Sankey Chart Bubble Chart Pyramid Chart
Analytics
Metrics Analysis
Custom Scripts Dimensions Filters Reports
Library
Charts Reports Templates
Dashboard
Dashboard
Schedule
Scheduler
Inbox
Inbox
Migration
Migration
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management Security Tags
Product
Lens Weave Maskbits
Overview
Data
Data Import Output Result
Data Preparation
Cleansing Imputation Duplicates Filter Fuzzy Filter Outlier Treatment Binning Trimming Validation Sorting
Transformation
Data Transformation Bulk Data Transformation Merge Union Fuzzy Merge Encoding Normalization Scaling Standardization Aggregate Unpivot Functional Transformation SQL Executor
Statistical Plots
Box Plot Correlation Histogram Pair Wise Line Plot Scatter Plot Bar Plot Stem Plot Step Plot Fill Between Stack Plot Descriptive Statistics
Workflow Agent
Workflow Agent
Scheduler
Scheduler
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management
Product
Lens Weave Maskbits
Overview
Deidentification
Deidentification
Deidentification workflows
Auto Configure
Auto Configure
Sensitive data detection
Excel Configuration
Excel Configuration
Importing configuration
Manual Configuration
Manual Configuration
Rule Configuration
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management

Overview

Roles Management is the Account Admin surface for defining and maintaining custom roles. A role is a named bundle of permissions covering menu access, data source visibility, dataset and field restrictions, report access, organizational scope, and security tags. Roles are assigned to users to grant access to Datanyx capabilities.

Roles Management is accessed from Admin → Roles Management. The page lists all roles in the tenant, supports search and pagination, and exposes per-role edit, security, and delete actions. Roles created here operate alongside the Datanyx system roles (Account Admin, Lens Designer, Weave Designer, Maskbits Designer, Viewer) and follow the same additive permission model.

When to use it

  • A new user persona requires a permission bundle that does not match an existing role.
  • A team’s report or data source access changes following a reorganization.
  • A new security tag has been created in Lens and must be linked to existing roles.
  • A subscription change adds or removes Designer access, requiring a corresponding role adjustment.
  • A multi-org tenant onboards a new organization that needs scoped role access.

Configuration tabs

A role is configured across two tabs in the create/edit form, plus a Security pop-up reached from the role list.

Menu Access (tab)Controls which menu items the role can open, which other roles it can grant, which Reports it can view, and which organizations it spans.
Advanced (tab)Controls data source visibility and dataset, field, and row-level restrictions on top of those sources.
Security (pop-up)Assigns one or more security tags to the role. Tags are configured in Lens by Lens Designers and attached to Reports during Report design.

Menu Access tab

Menu Level AccessSet of selectable menu items the role can open. Designer-area menus are gated by subscription and have no effect if the corresponding subscription is absent.
Grant Roles AccessUsers assigned to this role are permitted to assign this role to other users.
Reports AccessReports made visible in Dashboards for users with this role. Reports created after role configuration are not auto-included.
Organizational AccessOrganizations the role applies to. Required for multi-org tenants; defaults to current organization on single-org tenants.

Advanced tab

Data SourcesDatasource shared with the role.
Restrict Dataset AccessOptional allow- or deny-list of datasets within the selected data sources.
Restrict Field AccessField names hidden from users with the role.
Data Level AccessRow-level access rule that filters returned data for users with the role.

Security pop-up

The Security pop-up is launched from the Security icon in the role list’s Settings column. It presents a checkbox list of all security tags configured in Lens. Multiple tags can be assigned to a single role; users assigned the role inherit visibility into data carrying any of those tags.

Role list columns

Role nameUser-supplied identifier; appears wherever the role is assigned.
SettingsEdit, Security, and Delete actions.

Key behaviors

Additive permissions. A user assigned multiple roles receives the union of all role permissions. Removing a permission from one role does not remove it for users who hold a second role granting the same permission. To revoke a permission, audit every role the user holds.

Subscription gating. Designer-area menus and the artifacts they reach (Reports, Workflows, Maskbits jobs) require the corresponding product subscription. Granting Designer menu access on a tenant without the subscription has no effect — the menu loads but no Designer actions are available.

Security tags integrate with Lens. Tags are created and managed in Lens by Lens Designers. Roles Management consumes the tag list and assigns tags directly to roles via the Security pop-up. Lens Designers attach the same tags to Reports during Report design.

Change propagation. Permission changes saved on a role apply to all assigned users.

System roles vs. custom roles. The five Datanyx system roles (Account Admin, Lens Designer, Weave Designer, Maskbits Designer, Viewer) provide baseline access to product surfaces. Custom roles created here typically layer additional scope on top of one or more system roles.