Administrators can configure access permissions for each data source in Matik, specifying who is allowed to view, manage, and generate dependent content. Data sources use the same sharing experience as templates and Dynamic Content: grant access to individual users and/or user groups, and choose the appropriate permission level.
- No access: The user cannot view or use the data source in any way.
- Read access: The user can query the data source (e.g., during generation). They cannot change its configuration.
- Edit access: The user can manage the data source itself (configuration, sharing, deletion).
Note: The impact of Read access differs for admins vs. end users. See the matrix below for details.
Set or change permissions
- Open Data Sources in Matik and select a data source.
-
Click the people icons to the right of the screen to access sharing settings
- Search for users or user groups and add them.
- Select an access level (Read or Edit). Users not listed will have No access.
What each access level allows
| Action |
No access (admin or end user) |
Read (end user) |
Read (admin) |
Edit (admin only) |
|---|---|---|---|---|
| Edit the data source’s configuration | ✗ | ✗ | ✗ | ✓ |
| Delete the data source | ✗ | ✗ | ✗ | ✓ |
| Add/remove edit access for other users | ✗ | ✗ | ✗ | ✓ |
| Add/remove read access for other users | ✗ | ✗ | ✗ | ✓ |
| View the data source (in UI) | ✗ | ✗ | ✓ | ✓ |
| Create Dynamic Content/inputs from the data source | ✗ | ✗ | ✓ | ✓ |
| Query the data source (e.g. generate presentations) | ✗ | ✓ | ✓ | ✓ |
Definitions: “Admin” means a user with the Admin role in Matik. “End user” means a user without admin privileges.
How data source permissions impact dynamic content and inputs
A user’s access to a data source determines how they can edit and interact with any dynamic content or inputs created from that source.
-
No access
- Admins: cannot create new dynamic content/ inputs from the source and cannot view or access existing dynamic content/ inputs tied to it. Test API / Test Query will not be able to access the source.
- End users: cannot generate content that includes dynamic content/ inputs from the source.
-
Read or Edit
- Admins: can create dynamic content/ inputs from the source.
- End users: can generate content that includes dynamic content/ inputs from the source.
How data source permissions impact content generation
Data source permissions prevent users from accessing restricted data through generation.
- To generate from a template, a user must have at least Read access to all data sources used by that template.
- If any required permission is missing:
- Generate and Test Presentation/Send Email will be blocked.
- The UI will indicate the specific missing permission(s).
- The user can request access, which notifies all template owners to grant permission.
- For admins managing templates: If a shared template has users missing required data source permissions, a banner will call this out and list the affected dynamic content/ inputs. You can then grant the needed data source permissions to all template users.
FAQ
How does this impact my existing data sources?
There is no change to existing access. Whatever access existed before remains the same—it’s now visible in the UI. You can adjust it at any time.
What is the default for new data sources?
New data sources are initially shared with all end users (read) and admins (edit). Please edit the sharing section after creating your data source to add restrictions.
How does this interact with permissions on dynamic content /templates/etc.?
Data source restrictions apply in addition to any permissions on dynamic content, inputs, or templates. For example:
- Admin A has Edit access to the data source used by
{{example_DC}}, but{{example_DC}}itself is only shared with Admin B. - Admin A still cannot access
{{example_DC}}.
What if locking down data sources creates an issue (someone leaves, is on vacation, etc.)?
The Owner Admin role grants access to all assets in Matik. If this is a concern, contact your Matik TAM to have the Owner Admin role granted to an appropriate person in your org.
Comments
0 comments
Please sign in to leave a comment.