Skip to main content
Permissions in Credible layer from broad to narrow: an organization role sets what someone can do overall, environment and package permissions control who can build with and consume governed data, and workspace and document permissions control who sees analysis work. Organization roles and groups are managed in Users & Groups; this page covers the resource permissions built on top of them.

How Access Is Granted

Adding a member to the organization does not automatically grant access to any environments or packages. To grant access:
  1. Share directly: Navigate to the resource, click Share (or Permissions), and add the user
  2. Add to a group: Add the user to a group that already has access
Recommended approach: Configure a few groups with the appropriate environment or package access. When a new user joins, add them to the relevant group as a second step after adding them to the organization.

Sharing Environments & Packages

Grant users or groups access to specific environments or packages.
  1. Navigate to the environment or package under Packages & Connections in the sidebar
  2. Click Permissions
  3. Add the user or group and select their role
Environments contain packages, so granting environment access also grants access to all packages in that environment.

Environment Roles

Environment viewers automatically get viewer access to all packages in that environment.

Package Roles

Package access can also be granted to a workspace — that’s what adding a package to a workspace does: every workspace member can query the package through that workspace, without needing individual package permissions.

Sharing Workspaces & Documents

Environment and package permissions govern the data; workspace and document permissions govern the analysis work built on top of it.

Workspace Roles

Users can also request access to a workspace they can’t see into; a workspace manager approves the request from the workspace’s permissions list.

Document Sharing

Individual documents in a workspace — chats, reports, and data apps — can be shared with users or groups at two levels: Document permissions are inherited from the workspace, so workspace members can already see shared work; per-document sharing is for granting access beyond the workspace’s membership, and supports the same request-access flow.

Access Control

The Access Control page in the Credible App manages the lookup table behind secure givens — the values Credible resolves server-side when a published model filters or gates on a #(secure) given. Each row grants a user (by email), a group, or everyone (a default) a list of values for an attribute. An attribute appears here automatically once a published model references it, so assigning values here is the second half of setting up fine-grained access control.

Next Steps

Access Control

Row and field-level security using Malloy annotations

Best Practices

Draw environment boundaries that make permissions easy to manage