Contextual Security Rules for Data Access Roles

Grant access to data based on organizational structure.

One Model Contextual Data Access Rules allow you to grant a user access to data based upon that users position in the data set. For example, you can create a manager data access role, then assign a contextual data access rule to that role which grants that manager access to the people who report to her. 

Here’s a video walking you through how it works.


The benefit of these rules is that the same rule works for all managers in the organization-- without you having to manually configure different rules for different teams. This is because the rule operations based on the context of each person in the data. I see my team, and you see yours-- all based on the logic of that single rule. 

As a related benefit, as employees move around your organization, contextual security rules update as soon as the organizational data refreshes in One Model. For example, if you get promoted and your team grows, your data access rule will see the change in the data and allow you to see metrics on your expanded team. 

Manager access is a common use case for contextual security rules, but not the only one. The same logic could be applied to other data relationships like cost center. Heck, if you wanted to just be silly I think you could make a version that allows a user to see data for anyone who has less organizational tenure than them. Can’t think of a legit reason to do that, but it is intriguing...
To initally set-up contextual rules for your organization, please work with your Customer Success and Operations team. They'll ensure that the tables and linkages are correct to meet your security needs.

Was this article helpful?

0 out of 0 found this helpful



Please sign in to leave a comment.