Overview
In Qlik Cloud, access to resources and capabilities is controlled through assigning roles to users or groups. There are two main categories:
- Security roles: These are assigned to a user or group and grant them general access to
features or capabilities in the tenant. The roles can be of level
adminfor administrative roles, oruserfor non-administrative roles, which control access to capabilities. - Space roles: These are assigned to a user or group at the space level and determine what a user can do in that specific space.
Most content in a tenant resides in spaces, which means that users might need
a combination of security roles and space roles to undertake tasks. For example, even if a user
has been assigned the broadest administrative security role (TenantAdmin),
they still need the appropriate space role to open a Qlik Sense app in a space.
For more information on how roles work, review
the help documentation.
Security roles
Security roles are assigned via either the Users API or the Groups API. Each API requires you to send the role name without spaces, as detailed in the table. Roles names are case-sensitive.
| UI name | API name | Role level | Permission type |
|---|---|---|---|
| Analytics Admin | AnalyticsAdmin | Admin | Permissive |
| Audit Admin | AuditAdmin | Admin | Permissive |
| Automation Creator | AutomationCreator | User | Permissive |
| Automl Deployment Contributor | AutomlDeploymentContributor | User | Permissive |
| Automl Experiment Contributor | AutomlExperimentContributor | User | Permissive |
| Collaboration Platform User | CollaborationPlatformUser | User | Permissive |
| Data Admin | DataAdmin | Admin | Permissive |
| Data Services Contributor | DataServicesContributor | User | Permissive |
| Data Space Creator | DataSpaceCreator | User | Permissive |
| Developer | Developer | User | Permissive |
| Embedded Analytics User | EmbeddedAnalyticsUser | User | Restrictive |
| Managed Space Creator | ManagedSpaceCreator | User | Permissive |
| Private Analytics Content Creator | PrivateAnalyticsContentCreator | User | Permissive |
| Shared Space Creator | SharedSpaceCreator | User | Permissive |
| Steward | Steward | User | Permissive |
| Tenant Admin | TenantAdmin | Admin | Permissive |
For information on each role, refer to the help documentation.
Space roles
Space roles are assigned via the Spaces API. Available roles vary by space type. Roles are case-sensitive, and the API name may differ from the name in the user interface.
| UI name | API name | Supported in shared space | Supported in managed space | Supported in data space |
|---|---|---|---|---|
| Can view | consumer | Yes | Yes | Yes |
| Can contribute | contributor | No | Yes | No |
| Can consume data | dataconsumer | Yes | Yes | Yes |
| Can manage | facilitator | Yes | Yes | Yes |
| Can operate | operator | No | Yes | Yes |
| Can edit | producer | Yes | No | Yes |
| Can publish | publisher | No | Yes | Yes |
| Has restricted view | basicconsumer | No | Yes | No |
| Can edit data in apps | codeveloper | Yes | No | No |
For information on each role, refer to the help documentation.