Introduction and Getting Started > Permissions and privileges for Data Marketplace
  

Permissions and privileges for Data Marketplace

Before you can use Data Marketplace, you must assign the appropriate permissions and privileges to the users of the organization that will use Data Marketplace.

Roles

A role is a set of privileges that you can assign to users and user groups. Roles define the boundaries within which the users can act. As an organization administrator there are two types of roles that you can assign to the users in your organization.
User roles
A user role defines the permissions and privileges for different types of assets and features. Administrators can create and assign user roles for the organization in Administrator. You can assign a user role to the users or user groups in your organization.
The organization administrator can assign either a predefined Informatica Intelligent Cloud Services role or a custom role to a user. Predefined roles allow you to quickly get the users in your organization started with Data Marketplace. For more information about the predefined roles for Data Marketplace, see Predefined roles. Custom roles allow you to refine user permissions and privileges based on the needs of your organization. For more information about custom roles, see Custom roles.
The administrator can assign the role to an individual user and a user group. For more information about assigning user roles, see User Administration in Administrator.
Stakeholder roles
A stakeholder role is a defined organizational responsibility that you declare on objects such as a category or a data collection. Stakeholder roles allow you to control how authorized users interact with the objects for which they are responsible.
A stakeholder role reflects a user's responsibilities as a stakeholder of an object and allows them to perform tasks with only the necessary permissions and privileges. In Metadata Command Center, you can create stakeholder roles from user roles and use them in access policies to grant users granular access to objects.
Unlike with Informatica Intelligent Cloud Services user roles that allow users to perform actions across Data Marketplace, a user with a stakeholder role can only perform actions on the assets on which they are assigned as a stakeholder. For example, a user that is assigned with the Data Marketplace Administrator user role can perform various actions such as create, modify or delete data assets. On the other hand, a user that is assigned as a stakeholder of a category with the Category Owner stakeholder role can only manage their respective category and the subcategories and data collections within it.

Metadata access control

If you require a more granular access management experience, you can leverage metadata access control in Metadata Command Center to exert even greater control over how users interact with the objects in Data Marketplace. Metadata access control is the practice of managing the level of user access to assets in your organization through a set of rules called access policies.
As an administrator, you can define access policies in Metadata Command Center that allow you to:
Metadata access controls allow you to ensure that users can only view the data and perform the actions you deem appropriate. This can include obfuscating or hiding segments of data in Data Marketplace. For example, if you have data collections that contain sensitive information such as a possible but incomplete acquisition your company is planning to make, you may want to allow only your Mergers and Acquisitions team to view them. To accomplish this, you can create a separate category called ‘Mergers and Acquisitions’ and add the relevant data collections to this category. After this, you can apply the relevant metadata access controls to the category to hide it from the view of unauthorized users.
For more information about how you can use metadata access control in Metadata Command Center, see the Use Metadata Command Center to enrich and manage objects topic in the Set Up Data Marketplace help.