21 February 2024

Data Engine permissions

Data Engine users belong to groups assigned to roles with permissions to access data in messages and to control or configure the SITS agents. Integrations require that API users belong to groups assigned to roles with permissions to configure access to the Data Engine APIs.

Groups must be assigned to the Web app Edge admin to access Data Engine in the System admin.

The table Data Engine features details the features and corresponding permissions and roles.

Data Engine features
Feature Data Engine area Description
ADD authentication Administration Administration permissions define whether users can access the OData APIs using Azure Active Directory authentication.
Message types Data access

Data access permissions to enable users to view all data with the OData APIs.

Warning.

Data Engine allows Power BI users to access sensitive, financial, and special category data from SITS:Vision.

This may not be appropriate for all Power BI users. If a Power BI user is not entitled to access sensitive, financial, and special category data, they should not produce Power BI reports in Data Engine. Unauthorised access to sensitive, financial, and special category data could constitute a data breach under the Data Protection Act 2018 or General Data Protection Regulation (GDPR). If in doubt, contact your data protection officer.

SITS agent configuration Management Management permissions define whether users can configure and change the settings for reporting processes, and view and monitor basic reporting processes, such as reporting logs and message type workers.

The Data Engine roles and permissions are as follows: