ACL

The ACL API provides endpoints for managing access control and permissions within your Decube organization. Use these APIs to control user access to data assets, implement role-based security, and automate permission management workflows.

Available ACL Resources

Groups

Manage user groups for scalable access control. Groups allow you to organize users by role, department, or project and apply permissions collectively rather than individually.

Key Features:

  • Add and remove users from groups

  • List all available groups in your organization

  • Retrieve group details and memberships

  • Automate role-based access provisioning

View Group API →

Common Use Cases

  • Role-Based Access Control: Organize users into groups based on their organizational roles

  • Project-Based Permissions: Create groups for specific projects or data domains

  • Automated Provisioning: Integrate with HR systems to automatically manage user permissions

  • Data Governance: Implement fine-grained access controls for sensitive data assets

For detailed examples and workflows, see the Access Control and Security section in our use cases guide.

Key Concepts

  • Group: A collection of users that share common access permissions

  • User Membership: The association between a user and one or more groups

  • Permission Inheritance: Users inherit all permissions granted to their groups

  • Role-Based Security: Organizing access control around organizational roles rather than individual users

Best Practices

  • Follow Principle of Least Privilege: Grant users access only to the resources they need for their role

  • Regular Audits: Periodically review group memberships to ensure they remain appropriate

  • Automate Where Possible: Use API integrations to automatically provision and deprovision access based on role changes

Last updated