Authorization and Access Control

Organization Roles

Fiddler access control comes with some preset roles. There are two global roles at the organization level

  • ADMINISTRATOR — Has complete access over every aspect of the organization.
  • MEMBER — Access is assigned at the project and model level.

Project Roles

Each project supports its own set of permissions for its users.

There are three roles that can be assigned:

  • OWNER — Assigns super-user permissions to the user.
  • WRITE — Allows a user to perform write operations (e.g. uploading datasets and/or models, using slice and explain, sending events to Fiddler for monitoring, etc).
  • READ — Allows a user to perform read operations (e.g. getting project/dataset/model metadata, accessing pre-existing charts, etc.).

Some notes about these roles:

  • A user who creates a project is assigned the OWNER role by default.
  • A project OWNER or an organization ADMINISTRATOR can share/unshare projects with other users or teams.
  • Only the OWNER only and an organization ADMINISTRATOR have access to a project until that project is explicitly shared with others.
  • Project roles can be assigned to individual users or teams by the project
    OWNER or by an organization ADMINISTRATOR.

Teams

A team is a group of users.

  • Each user can be a member of zero or more teams.
  • Team roles are associated with project roles (i.e. teams can be granted
    READ, WRITE, and/or OWNER permissions for a project).

Click here for more information on teams.

[^1]: Join our community Slack to ask any questions


Did this page help you?