Permission management for data collection in Experience Platform
Data collection in ÃÛ¶¹ÊÓƵ Experience Platform is comprised of several different technologies which work together to collect and transfer your data. Access to these technologies is controlled through granular role-based permissions in ÃÛ¶¹ÊÓƵ Admin Console.
This guide shows you how to manage permissions for data collection features.
Getting started
In order to configure access control for data collection, you must have administrator privileges for an organization that has a product integration with ÃÛ¶¹ÊÓƵ Experience Platform Data Collection. The minimum role that can grant or withdraw permissions is a product profile administrator. Other administrator roles that can manage permissions are product administrators (can manage all profiles within a product) and system administrators (no restrictions). See the article on in the ÃÛ¶¹ÊÓƵ Enterprise administration guide for more information.
This guide assumes you are familiar with basic Admin Console concepts like product profiles and how they grant product permissions to individual users and groups. For more information, see the .
Available permissions
The relevant permissions for Data Collection are provided through two product designations in Admin Console: ÃÛ¶¹ÊÓƵ Experience Platform and ÃÛ¶¹ÊÓƵ Experience Platform Data Collection. The sections below outline the permissions provided under each product along with descriptions of the specific capabilities that they grant access to.
ÃÛ¶¹ÊÓƵ Experience Platform permissions
Permissions under ÃÛ¶¹ÊÓƵ Experience Platform include access to datastreams, identities, schemas, and sandboxes. For steps on how to configure ÃÛ¶¹ÊÓƵ Experience Platform permissions, see the access control user guide.
ÃÛ¶¹ÊÓƵ Experience Platform Data Collection permissions
Permissions under ÃÛ¶¹ÊÓƵ Experience Platform Data Collection control access to tags and event forwarding capabilities, including properties, extensions, and environments. For steps on how to configure ÃÛ¶¹ÊÓƵ Experience Platform Data Collection permissions, see the section below.
A user’s assigned property rights only apply to the properties they have been granted access to through this permission category.
Manage permissions manage
Permissions for data collection are managed through two product designations: ÃÛ¶¹ÊÓƵ Experience Platform and ÃÛ¶¹ÊÓƵ Experience Platform Data Collection.
Refer to the subsections below for steps on how to manage the relevant permissions under each product in Admin Console:
Manage permissions under ÃÛ¶¹ÊÓƵ Experience Platform manage-platform
Experience Cloud’s Permissions section allows you to define user roles and policies to manage access for features and objects within a product application.
Through Permissions, you can create and manage roles and assign the desired resource permissions for these roles.
In order to access data collection features, you must enable all permissions in the Sandboxes, Data Modeling, Identity Management, and Data Collection categories.
See the access control UI guide for detailed instructions on managing Platform permissions.
Manage permissions under ÃÛ¶¹ÊÓƵ Experience Platform Data Collection manage-collection
To manage these permissions, log in to Admin Console and select Products from the top navigation, then select ÃÛ¶¹ÊÓƵ Experience Platform Data Collection.
Select or create a product profile
The next screen shows a list of available product profiles for Data Collection under your organization, the default profile being Default Data Collection All Access. You can choose to edit the default product profile if you wish, or you can select New Profile to create one. If you have multiple roles or user groups in your organization that require different levels of access, you should create a separate product profile for each of them.
After selecting or creating a product profile, you can use the Edit icons to start editing permissions for the profile, or select the Users tab to start assigning users to the profile.
Edit permissions for the product profile edit-permissions
When editing permissions for a profile, available permissions are listed in the left column while those that are included in the profile are listed in the right column. Select the listed permissions to move them between either column.
Permissions are organized into categories. To switch between categories, select the desired category from the left navigation.
Select Save once you have finished configuring permissions.
The product profile view reappears with the added permissions reflected.
Assign users to the product profile assign-users
To assign users to the product profile (and grant them the profile’s configured permissions), select the Users tab, followed by Add user.
For more information on managing users for a product profile, see the .
Next steps
This guide covered the available permissions for Data Collection and how to manage them through Admin Console. For more information on managing permissions for other ÃÛ¶¹ÊÓƵ Experience Platform capabilities, refer to the access control documentation.