Role Type Definition

[This topic is pre-release documentation and is subject to change.]

A Role defines a AAD-based security group that has a set of defined permissions on Hub resources. Roles can be defined over limited scopes, such as on selected Profiles, Interactions, KPIs etc. Customer Insights uses a role-based access security (RBAC) model that has the built-in roles defined in the following table.

Role Permission on the specified scopes
Admin ALL operations at the tenant endpoint
Reader READ operations at the tenant endpoint
MetadataAdmin ALL operations at the tenant's /manage endpoint
MetadataReader READ operations at the tenant's /manage endpoint
DataAdmin ALL operations at the tenant's /data endpoint
DataReader READ operations at the tenant's /data endpoint

Properties

Property JSON type Description
roleName* string Name of the role, built-in types from table above.
description string Description of the role

JSON example

{ 
    "RoleName":"Admin", 
    "Description":"Primary administrator for Hub1" 
}