Overview

Security Tags are named access-control labels created by Account Admins and applied to individual Charts by Lens Designers. A Tag carries Secure Options and Report Access Options that determine what kind of access it grants; it is paired with a Role in Roles Management to bind the access to specific users.

Security Tags are reached from Admin → Security Tags. Creation, search, and edit are available from this surface. Applying a Tag to an artifact happens elsewhere, at design time, in the Report Designer or Chart Designer.

When to use it

  • Restrict access to a specific Chart or Report to a defined user group.
  • Group artifacts under shared access rules — multiple Charts sharing one Tag carry the same access policy.
  • Combine with Roles Management to grant or restrict access per Role rather than per user.
  • Set up a governance baseline so Lens Designers can apply pre-approved Tags rather than defining access ad-hoc.

Security Tags surface

Search bar: Filters the Tag list by name match.
Tag list: Lists existing Security Tags in the environment.
Settings icon (per row): Opens the edit dialog for the Tag.
Add icon (bottom-right): Opens the Create Security Tag dialog.

Tag fields

Security Tag Name: Identifier for the Tag. Visible in Roles Management when assigning the Tag to a Role, and in the Report Designer / Chart Designer when applying the Tag to an artifact.
Secure Options: Controls how the Tag secures the artifact through Mask and Obfuscation.
Report Access Options: Controls what access the Tag grants (Access Denied, Hide and None) to Reports it is applied to.

Two-part feature model

Security Tags are one half of an access-control pair. The other half is Roles Management. Both are required for a Tag to actually restrict or grant access.

1. Create Tag, in Admin → Security Tags (this article): Account Admin defines a Tag with name, Secure Options, and Report Access Options.
2. Pair with Role, in Admin → Roles Management: Account Admin attaches the Tag to a Role so that users holding that Role acquire the Tag’s access semantics.
3. Apply to artifact, in Lens → Design → Report Designer / Chart Designer: Lens Designer attaches the Tag to a specific Chart, or to a Chart within a Report, from the three-dot menu. Until applied, the Tag has no effect on any artifact.
4. View at runtime, in Lens → Dashboard / Library: When a user opens an artifact carrying the Tag, the access policy evaluates against the user’s Roles. The user sees the artifact accordingly.

Key behaviors

Tags are inert without Role pairing and artifact application. Creating a Tag here makes it available; it does not restrict any access on its own. A Tag needs a Role binding (in Roles Management) and an artifact binding (in the Report or Chart Designer) before it affects any user’s view.
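
One way to check for inert Tags, added here as an example and not code from the product: it assumes you keep your own inventory of the Tag catalog, the Role pairings, and the Chart bindings. The data structures, the function names, and every Tag, Role, and Chart name below are constructed.

```python
"""Audit Security Tag bindings for Tags that are inert or unknown."""

# Constructed inventory. The page documents no export format, so these
# structures and every name in them are assumptions kept from your own records.
TAGS = {"Finance-Restricted", "HR-Masked", "Exec-Only", "Legacy-Draft"}
ROLE_TAGS = {  # Role -> Tags paired in Roles Management
    "Finance Analyst": {"Finance-Restricted"},
    "HR Partner": {"HR-Masked"},
    "Auditor": {"Retired-Tag"},
}
ARTIFACT_TAGS = {  # Chart -> Tags applied in the Report or Chart Designer
    "Revenue by Region": {"Finance-Restricted"},
    "Headcount": {"Exec-Only"},
    "Pipeline": set(),
}


def audit_tags(tags, role_tags, artifact_tags):
    """Classify each Tag by which of the two required bindings it has."""
    paired = set().union(*role_tags.values())
    applied = set().union(*artifact_tags.values())
    return {
        "effective": sorted(tags & paired & applied),
        "applied_without_role": sorted((tags & applied) - paired),
        "paired_without_artifact": sorted((tags & paired) - applied),
        "unbound": sorted(tags - paired - applied),
        "not_in_catalog": sorted((paired | applied) - tags),
    }


def charts_relying_on_inert_tags(role_tags, artifact_tags):
    """Charts carrying a Tag that no Role is paired with."""
    paired = set().union(*role_tags.values())
    return {
        chart: sorted(applied - paired)
        for chart, applied in artifact_tags.items()
        if applied - paired
    }


if __name__ == "__main__":
    for bucket, names in audit_tags(TAGS, ROLE_TAGS, ARTIFACT_TAGS).items():
        print(f"{bucket}: {names}")
    print(charts_relying_on_inert_tags(ROLE_TAGS, ARTIFACT_TAGS))
```

The "applied_without_role" bucket is the one to review first: a Designer has attached the Tag to a Chart, but with no Role pairing the Tag does not yet affect any user's view.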

Account Admin configures, Lens Designer applies. This is the project’s terminology rule for Security Tags. Account Admins own the Tag catalog and the Role/Tag pairings; Lens Designers attach Tags to specific Charts and Reports at design time. Designers cannot create new Tags; they choose from the catalog the Admin has defined.

Search is name-based. The Search bar filters the list by Tag name.