Exago supports a variety of approaches to make sure that users can only access the data that is assigned to them. These approaches can eliminate the need to create different reports for each user. This can be done in one of four ways. Using either column, schema, database, or custom SQL based tenancy.
Column-Based Tenancy
The most basic multi-tenant environment is when each table, view and stored procedure has one or more columns that indicate which users have access to each row.
For each Data Object click the Tenant Columns dropdown. Use the Tenant Columns menu to match each tenant column in the data object with its corresponding parameter.
When initializing Exago through the API, set the value of each tenant parameter for the current user.
Disabling Column Tenancy
While disabling tenancy on any tenant columns of a data object is a noted security risk, it proves useful for administrators to be able to briefly disable tenancy for testing purposes. Disabling tenancy simplifies testing by allowing administrators to troubleshoot the dataset without having to remove and re-add tenant columns on each data object.
Important
Tenancy should be disabled for testing purposes only. Do not allow non-administrative users to access data objects with disabled tenancy columns. Doing so can potentially expose sensitive data.
In versions prior to v2019.1, column tenancy can be disabled by leaving the Tenant Parameters value empty causing tenancy to be ignored for that Tenant Column.
Following changes to tenant parameter values in v2019.1+, any Tenant Parameters values set to an empty value will be recognized as an empty string rather than a null value. To continue disabling tenancy in these versions, the parameter value must be set to {disabletenancy}.
Row-Based Tenancy
With Roles, security filters can be added to data objects so that users can only view specific rows in the data object.
In the example below, this role will only be able to see data on reports where the EmployeeID field is equal to 4.
Row Based Filter dialog in Admin Console Role configuration tab
To delete a row based filter, click the Delete icon at the end of the associated row.
Schema-Based Tenancy
Some multi-tenant environments create multiple tables/views/stored procedures with the same name and columns but different database schema. Information is then stored in the appropriate table based on database schema.
To set schema based tenancy in Exago:
On the Data Source set Schema/Owner Name to any valid value.
For each table/view/stored procedure create a data object. In the Name dropdown select the object that utilizes the schema value used in step (1). This will tell Exago that for this data object it should retrieve the schema from the data source.
When initializing Exago through the API, set the schema on the data source for the current user.
Database-Based Tenancy
Another way to assure that each user can only access their data is to provide a separate database for each user. In this situation each database should have the same tables, views and stored procedures.
To support database based tenancy in Exago:
Create a data source and corresponding data objects using any one of the databases.
When initializing Exago through the API, set the connection string on the Data Source to access the appropriate database for the current user.
Custom SQL Based Tenancy
Multi-Tenant security can also be assured by using Custom SQL for all data objects. Exago can pass parameter values into each SQL statement to filter data based on user.
To set Custom SQL based tenancy in Exago:
For each data object open the Custom SQL menu and create the desired SQL utilizing parameters to assure only appropriate information is available.
When initializing Exago through the API, set the value of any parameters utilized in the SQL for the current user.
Note
Parameters should be surrounded by single quotes.
Table of Contents
The (SaaS) CEO’s Guide to Surviving the Great Resignation
Live Panel | Thursday, November 11th, 2021 | 2 PM Est
There are two great teachers of perseverance in this world: sales and distance running. Kevin LaFrazia does both.
Kevin has finished an incredible 18 5Ks, 14 half marathons, and 3 marathons from Florida to California, including the completion of the Disney Coast to Coast series of races in 2015! 🏃🎽😲🤯
Reaching these milestones has taken a ton of dedication, and the grit has come in handy in Kevin’s sales career. He hadn’t even been sure it was the field for him at first, but his dad had always made the job seem fun, somehow.
“It was because he was being himself,” says Kevin. “He just let himself go through sales conversations as a person. I don’t think anyone could have ever told me anything more valuable.” 😊
Being a person has served Kevin well. It’s how he accesses his sense of humor during grueling races and high-stakes phone calls. Take those moments too seriously, and you end up getting in your own way. Find a way to laugh, and, he says, “you’ll be unstoppable.”
Kevin joined our #humansofexago earlier this summer and already feels comfortable in the application he sells. “Knowing the software makes connecting with leads smoother and more conversational.” He’s also enjoyed collaborating with a growing team of SDRs whose “commitment and confidence is so wonderfully heartening.” 💛
When Kevin isn’t reveling in his number-one non-food indulgence, travel, he’s home with his wife, five cats, and surprisingly prolific, ever-expanding school of fish.
icon at the end of the associated row.
