This is my first post so sorry if I have not explained my scenario well enough!
Currently have SSO via SAML. What i would like to achieve is two level of security based on user attributes.
First is that a standard learner will only have access to their own records, secondly a reporter will only have access to records within their own company.
The attributes can be gained from an access_group_id field in a user_details table. So a record with an access_group_id of 2 can only access their own records and one with an id 0f 3 can only access their own company records so all users within that company.
However the users only have an entry in admin(user management) on sisense once they have logged in via SSO as this then creates their records. However they do have a record in the elasticube in user_details.
Is their anyway i can set a variable security rule that says generically lookup user email from sisense user admin, and only allow access to records that match that email in the user_details table and with an access_group_id of 2. And something similar for company records if access_group_id is 3?
Please sign in to leave a comment.