Assigning granular user permissions
While Celonis Platform admins have a defined set of permissions, you must assign permissions to your analysts, members, and groups of users within your team.
You can assign granular permissions based on service, container, and object levels within your Celonis Platform team. These levels work on a hierarchy, with the highest level (the service level) overriding any conflicts in either the container or object level.
Service level
This is the highest level, giving user permissions across a service within your Celonis Platform , such as the Studio. In this example, you are granting the user permissions to the whole Studio.
To set service level permissions, click Admin & Settings - Permissions and then edit the relevant service.
Container level
This is the top-level object within a service, such as Studio - Space. In this example, you are granting the user permissions within just the space.
To set container level permissions, once inside the service click Options - Permissions:
Object level
This is the specific object within a container, such as Studio - Space - Package. In this example, you are granting the user permissions within just the package.
To set object level permissions, once inside the space click Options - Permissions:
Permissions overview
To help you identify the permissions you need to set, use this table.
Service | Container | Object |
---|---|---|
Data Integration | Data Pool | Data Model |
Studio | Space | View / Analysis / Action Flow / Data Explorer / Skill |
Action Engine | Project | Skill* (N/A) |
Machine Learning | Workspace | App |
Process Analytics | Workspace | Analysis |
Process Automation | Agents* (N/A) | |
Process Repository | Category | |
Transformation Center | Objective | KPI* (N/A) |
*Permissions can’t be assigned to these objects.
For example, the Studio service needs service level permissions, a studio package needs container level permissions, and a views, analysis, action flows, data explorers, and skills needs object level permissions.
You have the option to control Access and permissions to view, edit, and activate them. When you request activation of this feature, we’ll remove access to Action Flows for users with the Analyst role by default.