- Managing Permissions
- Data Visibility Groups
Use Data Visibility Groups to control what data can be accessed via our API and to split out your data by groups such as testing and production. An data visibility group consists of API tokens, data sources, and end user groups. Each API token can be configured to have either read-write or read-only permissions to our API.
When one of your team members uses that API token to access your data, Explo will only send the data sources and end user groups associated with that token’s data visibility group. If someone tries to create a new end user group via the API, they will only be able to associate that end user group with data sources also linked to their token.
You might want to create a “Testing” data visibility group for your developers. This group would have one API token with read-write permissions and would be associated with any of the end user groups or data sources that you’ve created for the purposes of testing your dashboards.
Now, anyone using the “Testing” API token would be able to test embedding Explo dashboards without seeing any production data. Because the token is read-write, they’d be able to create new end user groups to test with, but those new end user groups would also only be able to use your “testing” data.
Managing Data Visibility Groups
To manage your data visibility groups, go to the Data Visibility Groups section of the settings page. From there, you have the ability to create and delete data visibility groups, add, modify, or delete API tokens, and update the data sources associated with each.
For each schema, you can choose one data source to be the default for your data visibility group and any number of other data sources to also belong to that data visibility group. Note that one data source can belong to multiple data visibility groups if you require that. Defaults can be configured in the manage schemas modal on the data sources page.
Updating End User Group Visibility
Data Visibility Groups and their association with end user groups can be managed from the end user group modal. Note that an end user group can only be associated with one data visibility group at a time.