When you install Vizlib Server, you create an administrator account for the Vizlib Management Console (VMC). This account has permissions to view and configure every VMC feature. But you may find you need more than one administrator account, or you may want to restrict access to some features (e.g. performing a server restart, or viewing comments in a workstream).
Vizlib Server now supports 3 levels of VMC user role with Qlik Sense user IDs used for login. There are also VMC pages for User Roles and Workspaces, and Public or Private settings for integrations, streams, destinations, security rules, workspaces, and workflows.
Note on Qlik Sense Licenses: Vizlib Server is only available to users with Enterprise customer plans, and supports Qlik Sense Professional, Analyzer and Analyzer Capacity Licenses. User Role Security Rules can be applied to all accounts which hold one of these licenses.
TABLE OF CONTENTS
- VMC User Roles
- Managing VMC Resources
- VMC Login with Qlik Sense
- VMC User Roles - Examples
- Public and Private Settings
- User Roles Page
- User Role Security Rules
- Workspaces
VMC User Roles
Vizlib Server now supports user roles with different levels of access.
- Root Admin - Full access to all sections in the VMC (same as the account created at installation).
- Admin - Full access to all sections apart from Server Settings or Qlik Sense settings. Can manage Public and Private integrations, streams, destinations, security rules, workflows, including changing visibility.
- Content Admin - No access to Server Settings (apart from Integrations). Can view/use Public resources and create integrations, streams, destinations, security rules, workflows but cannot edit any settings created by other users. Cannot restart server, or update user license.
You can find a full reference of user permissions for each user role here.
Managing VMC Resources
The VMC is the host site for managing resources related to the Vizlib Server installation it supports. Resources in this context mean components which users create and manage within the VMC - Integrations, Streams, Workspaces, Workflows and Destinations. VMC resources can be created with Public or Private settings (see below). While users with VMC access can re-use public resources, they cannot edit them unless they have Admin or Root Admin permissions.
Rather than have large numbers of users with full access permissions, there is an access level called VMC Admin which can be granted to other content admin users via a security rule. If you choose VMC Admin as an Access Level, any user added to the rule will be able to modify the resource, but will not be able to grant VMC Admin access to other users.
A Root Admin user can also make changes to the ownership of resources, which can be used to re-allocate a resource owner if there are any changes to user accounts e.g. a user has left the company, but the resources they managed are still required.
VMC Login with Qlik Sense
The VMC login screen has 2 options (Figure 1).
- Login using the administrator account created at installation.
- Login using Sign in using Qlik Session, selecting the Qlik Sense node virtual proxy linked to your account. You must be logged into the corresponding Qlik Sense server to use this log in method. Note: A Root Admin user can select a specific virtual proxy in the VMC under System Settings>Default Settings, which means users will only need to select it when they first log in
Once you log in, you'll see your username in the top right corner. To log out, click the top right panel showing your username, and select Log Out. You can also choose to Refresh Permissions if needed.
Figure 1: VMC Login
VMC User Roles - Examples
Figure 2 shows a VMC Login for the account created during the installation (called admin). The user has full access to all of the VMC functions, and can edit settings created by other users (Root Admin users have the same permissions). In the top right corner there is a Restart Server button beside Logout / Refresh Permissions. You can find full details of all user role permissions here.
Figure 2: Administrator Login
Figure 3 shows a VMC Login for a Content Admin user role. The user can only view the Integrations page from System Settings, they cannot edit integrations created by other users (these settings are greyed out and cannot be opened), and they cannot restart the server. You can find full details of Content Admin permissions here.
Figure 3: Content Admin User Login
Public and Private Settings
Public and Private settings can be applied to VMC configurations by Root Admin and Admin users. (Figure 4 shows an integration).
Figure 4: Public and Private Setting
- Public - other Content Admin users will be able to re-use the resource, but cannot edit them directly.
- Private - only the creator (you), Admin and Root Admin users can re-use the resource.
You can apply Public/Private settings to Server Settings (Integrations), Teamwork Settings (Streams, Workflows, Workspaces), Writeback Settings (Destinations) and Finance Settings (Streams, Workspaces).
User Roles Page
If you're logged in as a Root Admin or Admin user, you can review user group settings in the the User Roles page (Figure 5). The account created during the installation is listed as administrator, with the host server listed as the Directory. All other available accounts can be identified by their User ID (Qlik Sense user IDs are used as a default value).
Figure 5: User Roles
User Role Security Rules
You can define user roles in the Security Rules page of the VMC (Figure 6 shows the setup for a Content Admin user).
Note: If the owner of a security rule is de-activated and the rule cannot be access by a VMC Admin, please contact your Root Admin user to have the ownership of the rule transferred.
- Click New Rule to open the window for adding security rules.
- Select User Role as the ResourceType.
- Choose an access level as the Resource ID.
- Select the condition for when to apply your rule, defining an Attribute Type, an Operator and a Value. This example applies a userId with the value of a specific email address.
- Click Add Condition if you need to add any other conditions for the rule.
- Click Create Security Rule to add the rule, which should appear in the list of security rules.
For more information on managing security rules, please see our article here.
Figure 6: User Role Security Rule
Workspaces
In the VMC, Teamwork Settings and Finance Settings have a Workspaces page (Figure 7 shows the Add Workspace window in Finance Settings). You can use workspaces to help separate different streams in Vizlib Teamwork and Vizlib Finance Report from using the same comments. You can find out more about Vizlib Teamwork workspaces here, and Vizlib Finance Report workspaces here.
Figure 7: Add Workspace