Required permissions for Unified Data Classification

Important

Choose an option below to explore the documentation for the latest user interface (UI) or the classic UI.

Latest UI Classic UI

The following tables show the roles and permissions required to use Unified Data Classification.

Permissions to manage data classes

Action	Global Permission (*)
View data classes This means clicking the Data Classification tab and viewing data class details.	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read
Add data classes	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read Classification > Data Classes > Add
Import data classes	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read Classification > Data Classes > Add Classification > Data Classes > Update
Edit data classes	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read Classification > Data Classes > Update
Delete data classes	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read Classification > Data Classes > Remove
Merge data classes	Product rights > Catalog () Product rights > Data Stewardship Manager () Classification > Data Classes > Read Classification > Data Classes > Add Classification > Data Classes > Update Classification > Data Classes > Remove

(*) As a user, you need a role that has these global permissions.
(**) This permission is not needed when using the REST API.

Permissions to classify data

Action	Global Role	Global Permission	Resource Permission ()(*)
Manually classify columns This means manually adding a classification to a Column asset.	Catalog	Product rights > Catalog Classification > Data Classes > Read Classification > Data Classes > Add, if you create a new data class manually while adding a classification.	Asset > Attribute > Add Asset > Attribute > Update
Automatically classify columns, tables, schemas, or databases	Catalog	Product rights > Catalog Classification > Classify Edge > View Edge connections and capabilities	Asset > Attribute > Add Asset > Attribute > Update Asset > Attribute > Remove
Accept or reject a classification	Catalog	Product rights > Catalog	Asset > Attribute > Update

Action

Global Role

Global Permission

Resource Permission (*)(**)

Manually classify columns
This means manually adding a classification to a Column asset.

Catalog

Product rights > Catalog

Classification > Data Classes > Read

Classification > Data Classes > Add, if you create a new data class manually while adding a classification.

Asset > Attribute > Add

Asset > Attribute > Update

Automatically classify columns, tables, schemas, or databases

Catalog

Product rights > Catalog

Classification > Classify

Edge > View Edge connections and capabilities

Asset > Attribute > Add

Asset > Attribute > Update

Asset > Attribute > Remove

Accept or reject a classification

Catalog

Product rights > Catalog

Asset > Attribute > Update

(*) As a user, you need a role that has these resource permissions for all involved column assets.
(**) You also need the View permission on all assets that you want to classify.
For example, if you start the classification from a Table, you need the View permission on the table and on the related columns.
image of View permission