Permissions introduction

There are always going to be sensitive bits of information in your data, and thankfully Metabase provides a rich set of tools to ensure that people on your team only see the data they’re supposed to.

If instead you’re wondering about what data Metabase the company can see, check out our page on data privacy and security.

Key points regarding permissions

  • Permissions are granted to groups, not people.
  • People can be in more than one group.
  • If a person is in multiple groups, they will have the most permissive access granted to them across all of their groups. For example, if a person is in three groups, and any one of those groups has Curate access to a collection, then that person will have curate access to that collection.

What you can set permissions on

Data permissions

Data permissions allow you to set permissions on database and their schemas and tables.

Collection permissions

Collection permissions dictate which groups can view/edit items in collections, including:

  • Questions
  • Dashboards
  • Models
  • Events
  • Timelines

Application permissions

Application permissions (available on Pro and Enterprise plans) dictate access to Metabase application-level features, including:

  • Settings: The Settings tab in the Admin panel.
  • Monitoring access: The Tools and Troubleshooting tabs in the Admin panel.
  • Subscriptions and Alerts. Which groups can create/edit dashboard subscriptions and alerts.

SQL snippet folder permissions

For plans that include SQL Snippet Folders, you can also set permissions on those folders.

Changing permissions

Whenever you change permissions for a group, make sure you:

  • Save your changes.
  • Click yes to confirm your choices.

Further reading

Read docs for other versions of Metabase.