Dashboard access control

With dashboard access control, individual permissions determine a user’s abilities. This article describes the individual permissions and how to configure dashboard access control.

Dashboard permissions

There are four permission levels for a dashboard: No Permissions, Can Run, Can Edit, and Can Manage. Only the dashboard owner has Can Manage permission; this permission cannot be shared.

The table lists the abilities for each permission.

Ability

No Permissions

Can View

Can Run

Can Edit

Can Manage

See in dashboard list

x

x

x

x

View dashboard and results

x

x

x

x

Refresh query results in the dashboard (or choose different parameters)

x

x

x

Edit dashboard

x (1)

x

Modify permissions

x

Delete dashboard

x

(1) Requires the Run as viewer sharing setting.

Note

The principal used to execute a query is the user that created the query, not the user that clicks the Refresh button.

Sharing settings

Dashboards support two types of sharing settings: Run as viewer and Run as owner.

To configure sharing settings:

  1. Click Dashboards in the sidebar.

  2. Click a dashboard.

  3. Click the Share Button button at the top right. The Manage Permissions dialog appears.

  4. In the Sharing settings > Credentials field at the bottom, select:

    • Run as viewer: The viewer’s credential is used to execute the queries in the dashboard. The viewer must also have at least Can Use permissions on the warehouse.

    • Run as owner: The owner’s credential is used to execute the queries in the dashboard.

Manage dashboard permission with folders

You can manage dashboard permissions by adding dashboards to folders. Dashboard in a folder inherit all permissions settings of that folder. For example, a user that has Can Run permission on a folder has Can Run permission on the dashboards in that folder. To learn about configuring permissions on folders, see Folder permissions.

To learn more about organizing dashboards into folders, see Workspace browser.

Manage dashboard permissions using the UI

  1. Click Dashboards in the sidebar.

  2. Click a dashboard.

  3. Click the Share Button button at the top right. The Manage Permissions dialog appears.

    Manage dashboard permissions
  4. Follow the steps based on the permission type you want to grant:

    • Can Edit permission

      1. Select the Run as viewer sharing setting.

      2. Click the top field to add a user or group.

      3. Select the Can Edit permission.

      4. Click Add.

    • Can Run permission

      1. Click the top field to add a user or group.

      2. Select the Can Run permission.

      3. Click Add.

  5. Dismiss the dialog.