HomeCommunityQuickStartsStatus

User Attributes

Suggest Edits

User Attributes can be used to provide a customized experience for your Sigma teams, org members, and embedded users. They can be assigned as a function in a dataset to provide row-level security.

Requirements

  • You must be an organization Admin to configure User Attributes; see Account types.
  • Users with Can edit or Can explore access to a workbook or dataset can reference existing user attributes in functions.
  • You should not use User Attributes in a Materialized Dataset as this can cause undesirable results or errors.

Create User Attributes

Follow the steps below to create a User Attribute.

  1. In your Sigma Admin portal, go to User Attributes and click Create Attribute.
  2. In the New Attribute section, enter a unique name in the Name field.
  3. In the Description field, describe the attribute. Optional.
  4. In the Default Value field, enter a default value. Sigma will use the value defined here if no value is set for a team. Optional.
  5. Click Create.
    company apps

After you click Create, the attribute appears under User Attributes.

company apps

Assign User Attributes

Follow the steps below to assign a team or org member to a User Attribute.

  1. In the Teams Assigned section, click Assign Attribute to assign teams or members to this attribute.

    company apps

  2. In the search bar, search for teams or members to assign this attribute to, or click in the search bar to view a list of your organization's teams and members.

  3. Add a value in the Assigned Value field.Β 
    In the example below, West was added.
    company apps

  4. Click Assign. Your teams and members are now listed under Teams Assigned and Members Assigned sections.

  5. To reorder the priority of teams, go to Teams Assigned, place your cursor over the drag handle thingy.png under the Priority column, and drag and drop the team to the desired priority. Values assigned to users always override values assigned to teams.

    πŸ“˜

    Teams are prioritized based on their order in the list. The team at the top of the list is used first.

Edit or Delete Attributes & Teams

Attributes

To edit or delete an attribute click on an existing attribute. Β On the right, you can click Edit to edit the attribute, or click Delete Attribute to delete it.

In this example, we chose Region Attribute.

edit_att.png

Teams and Members

To edit or unassign a team or member, click on the 3 dots to the right. Click Edit Value to change the attribute and Unassign to dissociate the team or member from the attribute.

edit_team.png

Delete user attributes in bulk

  1. In the admin portal, go to the User Attributes tab.
  2. To bulk delete user attributes, click the box next to each attribute you want to delete. To select all, click the box next to Name.
    company apps
  3. Click the trash can icon to delete the selected attributes.
  4. Click Confirm.

Row-Level Security with User Attributes

Once you create and assign a user attribute to teams, you can use this functionality in a dataset to enforce row-level security using the function CurrentUserAttributeText in a formula.

CurrentUserAttributeText(β€œattributeName”) = [column]

Example: this example uses the configuration above. An admin adds a column named [Region] into a table, creates a user attribute called Region Attribute, and assigns the attribute to a team containing the users listed below. A value is added for each team in the Assigned Value field.

In the example configuration above, there are two different teams assigned to the same attribute. A different value for the region attribute is assigned to each team:

  • Sales US-West is assigned the value West
  • abc is assigned the value Midwest

Once you create a calculated column in the dataset as follows and add a filter on this column with only True selected, team members will only see the rows that correspond to their value in the Region column.

In our example, Sales US-West can see rows with West value in the Region column because we defined Assigned Value as West.

CurrentUserAttributeText(β€œRegion Attribute”) = [Region]

The value entered in Assigned Value for a team limits what they see based on that value.

In our example, the rows that members of team Sales US-West can view are limited to the rows with the value West in the Region column. If the value in the Region column is Midwest, then members of Sales US-West can't see these rows.

Note:The CurrentUserAttributeText function returns the corresponding attribute value as a Text data type. The attrName argument passed to the function must also be a Text data type.

Embed Parameters

The following parameters can be used to pass user attributes in the embed URL:

<user_attribute>[optional] - A user attribute {key: value} pair to be applied for RLS. In the URL, include an independent :ua_ parameter for each attribute you want to use. The value for this parameter isn't case sensitive. See User Attributes and CurrentUserAttributeText()

For more information, see Embed URL parameters.

Custom SQL

Once you successfully configure User Attributes, you can use them in a Custom SQL dataset to provide security. For instance, assume that data for each customer is present in a separate schema. You can leverage Custom SQL to switch the schema based on the user.

πŸ“˜

To use Custom SQL in the manner described above, the tables must have the same schema.

Create a Custom SQL QueryΒ 

We will use a Custom SQL dataset to demonstrate the example above.Β  In a dataset using the formula below, Sigma will switch the schema based on the value assigned to the β€œschema_name” user attribute.

select * from test.{{#raw system::CurrentUserAttributeText::schema_name}}.orders

In the query above, note the following function.

πŸ“˜

If the user attribute name has spaces, use double quotes. For example, Select * from test.{{#raw system::CurrentUserAttributeText::"Attribute Name Example"}}.table_Name

The following line from the example formula retrieves the schema_name attribute value for the current user:

test.{{#raw system::CurrentUserAttributeText::schema_name}}

\#raw removes quotations from the value and allows you to insert raw text.

This syntax can be used anywhere in the SQL statement for any user attribute. For example, it can be used to switch the database or table name in the select or where clause. When swapping table, schema, or database names, the column names must be identical.

Updated about 2 months ago

Related resources
Resources
Sigma home
Blog
Learn
Product FAQs
© 2023 Sigma Computing