Subscribe

UiPath Data Service

The UiPath Data Service Guide

User Management

The User Management module enables you to manage permissions for an entity service tenant. This extensive and granular permissions model allows you to integrate all your employees using the service based on their level of expertise and your business requirements. Furthermore, you can select Users or User Groups from your cloud account and assign standard roles to them.

The following steps enable you to manage your users and user groups:

Accessing the User Management Module

  1. In the Data Service page click the overlay menu in the upper right corner.
  2. Select User Management.
  1. The User Management page is displayed.

The following tabs are available:

Tab

Description

Users/Groups

Contains a list of all the Groups and Users that are defined for the Data Service tenant and the Roles they have been assigned.

Roles

A list of all the Roles defined for the Data Service. For each Role you can see how many Users/Groups are assigned.

Standard Roles

Standard Roles have a predefined set of permissions. The following standard Roles can be assigned to users created in Data Service:

  • Administrator
  • Data Reader
  • Data Writer
  • Designer

Standard Role Permissions

Each standard Role has different permissions set. When defining a Role, Administrative Permissions are assigned to the Role as well as Data Access Permissions for all Entities that are defined for the Data Service tenant.

Administrative Permissions

Below is a description of the Administrative Permissions that can be assigned to a standard Role.

Permission

Users/Roles with this permission...

Manage Permissions

can create new roles, edit and delete existing roles, and assign one or more roles to Users/Groups.

View Schema

can view the schema of all Entities and all existing choice set definitions, but cannot modify them.

Customize Schema

can view, create, edit, and delete Entities and can view existing choice sets definitions, create new choice sets, edit and delete any existing choice sets.

Data Access Permissions

Below is a description of the Data Access Permissions that can be assigned to a standard Role.

Permission

Users/Roles with this permission...

No access

do not have access to the data in the Entities. This implies that the users are not allowed to create, read, edit, or delete data records for Entities.

Read access for all Entities

can view the data records for all the Entities.

Complete read and write access for all Entities

can create, view, edit, and delete data records for all the Entities.

Overview of standard Role Permissions

Administrator role

See illustration below for an overview of the permissions that are set for the Administrator role.

Data Reader role

See illustration below for an overview of the permissions that are set for the Data Reader role.

Data Writer role

See illustration below for an overview of the permissions that are set for the Data Writer role.

Designer role

See illustration below for an overview of the permissions that are set for the Designer role.

Custom Roles

Custom Roles enable you to create custom sets of permissions that can be assigned to Users/Groups. If you have the Manage Permissions permission assigned you can create new custom Roles.

Custom Role Permissions

For Custom Roles you can decide which permissions you want to assign the role. When defining a role, you can assign Administrative Permissions to the role as well as Data Access Permissions for selected Entities.

Administrative Permissions

Below is a description of the Administrative Permissions that can be assigned to a Custom Role.

Permission

Users/Roles with this permission...

Manage Roles

can create new roles, edit and delete existing roles, and assign one or more roles to Users/Groups.

View Schema

can view the schema of all Entities and all existing choice set definitions, but cannot modify them.

Customize Schema

can view, create, edit, and delete Entities and can view existing choice sets definitions, create new choice sets, edit and delete any existing choice sets.

Data Access Permissions

When defining a Custom Role, you can assign different data access permissions for individual Entities that are defined for the Data Service tenant. For each Entity you can select whether users with the Custom Role assigned can Create, Read, Edit and/or Delete data records defined for the Entity. Moreover, when Role base field access is enabled for specific fields you can assign the data access permissions in the Custom Role definition.

Below is a description of the Data Access Permissions for an Entity that can be assigned to a Custom Role.

Permission

Users/Roles with this permission...

Create

can create data records for the Entity.

Read

can view Entity data records.

Edit

can view and modify Entity data records.

Delete

can view and delete Entity data records.

Create Custom Roles

Follow the steps below to create a new Role.

  1. In the Roles tab click on Create New Role.
  1. In the Create Role panel enter a name for the new role in the Role Name field.
  2. Select the Administrative Permissions that you want assign to the role.
  3. If you want to add Data Access Permissions to the role, you must select an Entity first.
    • Click on + Add Entity to display available Entities.
    • Select the Entity for which you want to define the permissions.
    • By default, the Read permissions is enabled. You can enable the other permissions as desired.

See illustration below.

  1. Click on Save to create the new Custom Role. The Role is displayed in the Roles tab and indicated as Type Custom. See illustration below.

Setting permissions for specific fields

When creating entities it is possible to enable Role base field access for non system built-in fields. When defining a Custom Role, you can assign the data access permissions for these fields. In this case, this is indicated when you create or update a Custom Role.

📘

Note

Only Custom Roles can be updated to grant permissions to access the data in the fields.

Follow the steps below to set role based field permissions.

  1. Create a new role, or edit an existing Custom Role.
  2. If Role base field access is enabled click on Add them next to Certain fields require data access permissions.
  3. Select the fields for which you want to set permissions for users with this role assigned. The fields are displayed in the list.
  4. Set the permissions as desired and click on Save.

See also Customizing an Entity.

Adding Users

All calls in the Data Service are based on user authorization. The decision to grant/deny an operation is always based on the effective permissions for the user based on their individual or group membership permission grants. Studio, Assistant, and Robot will also inherit permissions based on their configured users.

Data Service supports all users or groups defined in the account and doesn’t maintain a separate user list. To add users that are part of your organization for the tenant follow the below steps:

  1. In the Users/Groups tab click on Add Users/Groups.
  1. In the Add Users/Groups panel start typing the name of the user you want to add.

📘

Note

If you cannot find a user it means they don't have an account within the Automation Cloud organization.

  1. Select the user you want to add from the search results list.
  2. Check the Roles you want to assign to the User.
  1. Click on Save.

The newly added user together with the assigned roles is displayed in the Users/Groups list.

Defining Roles for a User/Group

A group is a collection of user accounts. Data Service supports all groups defined in the account and does not maintain a separate list of groups. A permission granted to a group propagates to all users and groups. To define the Roles for a User/Group follow the below steps:

  1. In the Users/Group tab hover over the User/Group for which you want to define the Roles.
  2. Click the Edit icon available on the right-hand side.
  1. Select the desired Roles for the User/Group.
  2. Click on Save.

📘

Note

You can assign multiple Roles to a User/Group. In this case, the User/Group has all the permissions from all the assigned Roles.

Default User Group Mapping

User Groups are user containers with specific permission sets that can be configured with specific permissions in services within Automation Cloud. Permissions for groups can be configured within each service by selecting the group and associating desired permissions, in the service-specific permissions management pages. Users get the union of all permissions assigned to the groups they are members in.

When you assign users to a group within Cloud Portal, you grant them access to all the services which have permissions configured for that specific user group. The level of access to the service is determined by the roles assigned to that group at the service level.

Cloud Portal Group Membership

Organization Level Role

Data Service Roles

Administrators

Organization Administrator

Administrator, Designer and Data Writer

Automation Developers

User

Designer and Data Writer

Automation Users

User

Data Writer

Everyone

User

Data Reader

Updated 3 months ago

User Management


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.