• Home
  • Visit Our Website
  • Home
  • Visit Our Website
Visit Our Website

Users

144
  • Getting Started
    • The Assette Navigation Bar
    • The Assette Home Page
    • How to Log into Assette
    • Glossary
  • Authoring Center
    • Smart Docs
      • How to Create a Smart Doc
      • Smart Doc Troubleshooting
      • Tracking Changes with Life Events
      • Copying and Restoring from Version History
      • Smart Docs
      • Smart Docs X-Ray View
      • Troubleshooting
        • Troubleshooting Smart Docs
    • Smart Pages
      • Creating & Editing Smart Pages
      • Tracking Changes with Life Events
      • Copying and Restoring from Version History
      • How to Insert Blank Columns and Rows
      • Changing a Smart Page’s Size
      • Compliance Tags
      • Deleting Smart Pages
      • Supported PowerPoint Charts
      • Smart Page Content Classifications
      • Smart Pages
      • How to Unlock a Smart Page
      • Smart Page X-Ray View
      • Assette Editors
        • PowerPoint Editor
          • How to Insert Images Using the Assette Ribbon
          • How to Add New Series to a Chart
          • Assette Ribbon
            • The “Un-Fabricate” Button
          • Troubleshooting
            • How to Check Your Microsoft PowerPoint Version
            • Installing the Assette PowerPoint Editor
          • Advanced Settings
            • Zigzag Tab
            • Margin Tab
            • General Tab
            • Advanced Settings Overview
    • Fixed Content
      • Fixed Content
    • Data Docs
      • Data Docs
    • Smart Shells
      • How to Preview Smart Shells
      • Coupled Shells
      • Tracking Changes with Life Events
      • Creating an “As of Date” Smart Shell
      • Copying and Restoring from Version History
      • Performance History Chart
      • Deleting Smart Shells
      • Smart Shell Content Classifications
      • Creating Smart Shells via Assette’s PowerPoint Editor
      • Editing Smart Shells Using the Smart Shell Library
      • Renaming Smart Shells
      • Smart Shells X-Ray View
      • How to Refresh Smart Shells
      • Creating Smart Shells Using the Smart Shell Library
      • Smart Shells Frequently Asked Questions (FAQ)
      • Smart Shells
    • Brand Themes
      • Assette Dynamic Brand Theme Setup
      • Brand Themes
      • Managing Multiple Themes Within a Single Brand Theme
      • Dynamic Brand Themes
      • Master Slide Layouts for Dynamic Brand Themes
      • Changing a Smart Page’s Size
      • Creating a Brand Theme
      • Shell Styling
    • Email Templates
      • Using Variables in Assette Email Templates
      • Email Templates
    • Additional Features
      • Automatic Extension Correction
      • X-Ray View Overview
      • The Generation Screen
  • Content Hub
    • Library
      • Saved Trays in the Assette Library
      • Content Generation and Sharing with Content Library
      • Content Library
    • My Workspace
      • Copying Content to My Workspace
      • My Workspace
    • Workrooms
      • How to Edit Content in a Workroom
      • Copying Content to a Workroom
      • Workroom
    • Assette Viewer
      • Disabling or Removing the Assette Outlook Add-in
      • Assette Viewer Basics
      • Assette Viewer Overview
    • Content Center
      • How to Add a New Organization to the Organization Master
      • Content Plan Data Model
      • Content Plans
      • Content Types
      • Using Advanced Search in the Content Library
  • Data Engine
    • Input Center
      • Input Center Overview
      • External Content Overview
      • Recipients
      • Data Files Overview
    • Qualitative Data
      • Ownership Data
      • Firm Overview
      • People Data
      • Master Questionnaire
      • Qualitative Data
    • Developer Center
      • Developer Tools Overview
  • Analytics
    • Component Analytics
    • Content Sharing Analytics
  • Administration
    • Creating & Editing Work Groups
    • Workbox
      • Workbox Basics
    • Content Type Master
      • Content Filename Aliases
    • Users
      • Work Group Basics
      • Internal Users
        • SSO Internal User Roles & Tasks
        • Internal User Roles & Responsibilities
        • Reset or Unlock User’s Accounts
        • Manually Creating Users in Assette
      • Work Groups
        • Creating Subgroups
        • Creating & Editing Work Groups
    • Workflows
      • Workflows Basics
      • Workflow Frequently Asked Questions (FAQ)
      • Workflow Management
        • Workflow Management Overview
        • Workflow Reassignment
      • Workflow Design
        • Creating Conditional Workflows
        • Editing or Deleting a Workflow
        • Creating a Workflow
    • Product Master
      • Deactivating & Deleting Products
      • Product Master Overview
      • Troubleshooting Product Master Errors
    • Classification Master
      • Data Ingredients Overview
      • Labels
      • Compliance Tags
      • Limitations
      • How to Manage Content Classifications
      • Classification Master Overview
      • Creating & Managing Labels
  • Client Portal
    • Security Overview for the Assette Client Portal
    • Creating Notifications for Client Portal Users
    • Client Portal Overview
    • Client Portal Users
      • Client Portal Frequently Asked Questions (FAQ)
      • Client Portal Session Handling
      • Log into the Assette Client Portal
      • Deleting a Client Portal User
      • Creating a New Portal User
      • Managing User Access in the Client Portal
      • Monitoring and Accessing User Login Activity for Client Portal
      • Editing or Creating Portal Users
  • Tutorials
    • When to Create a New Artefact in Assette
    • Creating a Fixed-Row Zigzag Table
  • Legacy Support
    • Data Validations [Legacy]
    • Assette Roles Overview [Legacy]
    • Internal Users Management [Legacy]
    • Create & Manage Attributes [Legacy]
    • Assette Centers [Legacy]
    • Legacy Authoring Center
      • Data Object Library [Legacy]
      • Data Docs [Legacy]
      • Smart Shells [Legacy]
      • How to Create a New Smart Page [Legacy]
      • Legacy Smart Pages
        • Creating and Editing Smart Pages [Legacy]
      • Legacy Smart Docs
        • Creating a Smart Doc [Legacy]

Developers

195
  • Getting Started
    • The Assette Navigation Bar
    • User Login & Creation
      • Permission Groups Overview
      • How to Create & Assign Permission Groups
      • Add Assette Users with Azure AD
      • Developer Roles & Permissions
    • Implementation Overview
      • Connecting to Source Systems with Assette
      • Fields Synchronized with Assette
      • Essential Data Blocks
      • Introduction to Assette Implementation
      • The Assette Implementation Approach
      • What Data is Required to Start?
  • Developer Tools
    • Tool Setup
      • Prohibited Data Block Keywords and Built-ins
      • Master Data Scheduler
      • Python Data Block Libraries & Keywords
      • Developer Center Configurations
      • Assette Development Stack
      • Troubleshooting
        • Troubleshooting AxiosError: 500
        • Assette VS Code Extension Troubleshooting
      • Visual Studio Code
        • Assette Visual Studio Code Extension
        • How to Find Where a Component is Used in the VS Code Extension
        • Error and Status Messages Reference
        • Signing Into the Assette VS Code Extension
        • VS Code Frequently Asked Questions (FAQs)
        • Assette VS Code Extension Troubleshooting
        • Installing the Assette Block Editor VS Code Extension
    • Data Block Editor
      • Using Nested Functions in Data Blocks
      • Importing Python Libraries
      • Import & Export Data Blocks
      • Data Block Unit Testing in Python
      • Data Block Editor Basics
        • Calculation Operators and Precedence
        • How to Freeze Data Blocks
        • Creating & Editing Data Blocks
        • How to Copy & Delete Data Blocks
        • Secret Management
        • Introduction to the Data Block Editor
      • Data Block Editor Metadata
        • How to Update Data Block Metadata
      • Data Block Editor Troubleshooting
        • Troubleshooting API Authentication Issues
    • Data Object Editor
      • Applying Row Filtration with Data Objects
      • Locking a Data Object
      • Force Unlocking a Data Object
      • Dynamic Row Numbering
      • Introduction to the Data Object Editor
      • Data Object KeyError
      • Editing Data Objects
      • Creating Data Objects
      • How to Copy & Delete Data Objects
      • Generation Time Data Settings
      • Importing & Exporting Data Objects
      • Design View
        • Data Settings Tab
          • Data Settings Tab
        • General Info Tab
          • Styling Classes
          • General Info
        • Data Source Tab
          • Data Source Tab
        • Columns Tab
          • Date Formats
          • Columns Tab
        • Groupings Tab
          • Creating Group Summary Rows
          • Creating Group Header Rows
          • Group Expressions & Group Ordering
          • How to Create “Group By” Data Settings
          • Grouping Tab
        • Sorting Tab
          • Sorting Tab
        • Summary Tab
          • Summary Tab
        • Row Types Tab
          • Row Types Tab
        • Title & Footnotes Tab
          • Title & Footnotes Tab
        • Legend Tab
          • Legend Tab
        • Output Variables Tab
          • Output Variable Tab
        • No Data Message Tab
          • No Data Message Tab
      • Expressions
        • The “round(value, n)” Expression
        • The “Contains()” Function
        • The “HasValue()” Function
        • The “NOT” Operator
        • The “OR” Operator
        • The “<> Not Equal To” Operator
        • The “>= Greater Than or Equal To” Operator
        • The < Less Than Operator
        • The “<= Less Than or Equal to” Operator
        • The > Greater Than Operator
        • The “==” Equals Operator
        • The Grouping Operator “()”
        • The “Divide” Expression
        • The “Multiply” Expression
        • The “Minus” Expression
        • The “ADD” Expression
        • The “AND” Expression
        • Expressions, Operators, & Functions
    • Dynamic Fields
      • Dynamic Fields
    • Footnote Editor
      • Footnote X-Ray View
      • Import Variables & Columns
      • How to Create & Edit Footnotes
      • Footnote Editor Overview
    • Tenant Manager
      • Deployment Statuses
      • Deployment Processing & Error Logging
      • Review Artifacts
      • Tenant Manager Troubleshooting
      • Deploy Content Using the Assette Tenant Manager
      • Tenant Manager Overview
      • Tenants in the Tenant Manager
  • Data Blocks
    • Data Block Basics
      • Data Block Request Parameters
      • Data Block Categories
      • Data Block Basics
    • Account Master
      • Filtering the Account Master Using Account Codes
      • Account Master Data Block
    • Data Blocks by Category
      • Understanding Assette Data Blocks
      • System Data Blocks
        • Organization Add Data Block
        • Organization Master Data Block
        • Get Recipient Info Salesforce Transform Data Block
        • Get Recipient Info Salesforce Data Blocks
        • Get Recipients LocalDB Data Block
        • Get Recipient Info Local Data Block
        • Recipient Master Data Block
        • Attribute Type Values Local Data Block
        • Brand Theme Selector Data Block
        • Brand Theme Extract Data Block
        • Asset Classes Local Data Block
        • Sub Accounts Client Database Data Block
        • Sub Accounts Local Database Data Block
        • Sector Schemes Data Blocks
        • Sectors Data Block
        • Currency Codes Data Blocks
        • Countries Data Block
        • Sub Accounts Data Block
        • As of Dates Data Block
        • Account Master Data Block
        • Product Master Data Block
        • System Data Blocks Overview
      • Sync Data Blocks
        • Country List Sync Data Block
        • Product Master Sync Data Block
        • Sync Data Block Overview
        • Attribute Type Values Sync Data Block
      • Source Data Blocks
        • Source Product Offer Countries Data Block
        • Source Sub-Accounts Relationship Data Block
        • Source List of Attribute Type Values Data Block
        • Source Product Master Extract Data Block
        • Source List of Currency Codes Data Block
        • Source Account Attributes Values Data Block
        • Source Extract Accounts Details Data Block
      • Transform Data Blocks
        • Assette Get Valid Periods Data Block
        • System Period Information Data Block
        • Assette Get Begin & End Date Data Block
        • Source Extract Accounts Details Data Block
      • Interface Data Blocks
        • Organization Read Local Data Block
        • Sectors Local Database Data Block
        • Assette Period Code Map Data Block
        • Account Attribute Mapping Local Database Data Block
        • Account Attributes Local Database Data Block
        • Source Product Master Extract Data Block
        • Source List of Currency Codes Data Block
        • Source Account Attributes Values Data Block
        • Product Master Local Data Base Data Block
      • Configuration Data Blocks
        • Salesforce Settings Data Block
        • Calculation Python Environment Data Block
        • Python Data Calculation Modules Data Block
        • Python Environment for Date Calculation Data Block
        • Demo Snowflake Setting Data Block
        • Snowflake Demo Certificate Data Block
        • Calculation Environment Data Block
        • Configuration Data Block Overview
    • Data Blocks by Functionality
      • Get Major Minor Ticker Data Block
  • Data Objects
    • Data Objects
    • Data Object X-Ray View
    • Introduction to Data Objects
  • Integrations
    • Connecting Salesforce with Assette
    • Snowflake
      • Source Account Attributes Values Data Block
      • Snowflake Integration
    • Aprimo
      • Modifying the Aprimo API Records Data Block
      • Inserting Content with Aprimo
      • Aprimo Image Library Data Block
      • Assette-Aprimo Integration Overview
      • Aprimo Thumbnail Image Library API Data Block
      • Aprimo Data Blocks
        • Aprimo API Post Order Data Block
        • Aprimo API Order Status
        • Image Content Data Block
        • Aprimo API Single Record Data Block
        • Aprimo Image Thumbnail Data Block
        • Aprimo API Records Data Block
  • Developer FAQ
    • How to Add a New Product to the Product Master
    • How to Add New Attributes to the Attribute Master
    • TLS Email Encryption via SendGrid
    • Data Block Cheat Sheet
    • Data Object Frequently Asked Questions (FAQ)
    • Tenant Manager Frequently Asked Questions (FAQ)
    • Why Can’t I Edit a Data Object?
    • Data Blocks Frequently Asked Questions (FAQ)
    • Period Codes
    • How Do I Log into Snowflake?
    • How Do Unit Tests Work in Assette?
    • Enable Assette Add-In in Case of Failure
    • Developer Tools FAQs
      • How to Display Different Values in the Account Code Dropdown in the Data Object Editor Preview
      • When and Why You See an Impact Change Message in the Developer Center
  • Tutorials
    • Creating a Correlation Matrix Table
    • Data Block Tutorials
      • Structuring Data for Time-Series Charts in PowerPoint
      • How to Cache Data Using Data Blocks
      • Creating a Certificate Data Block
      • Making Public API Calls Using Assette Data Blocks
      • Using Data Blocks to Make API Calls
    • Data Object Tutorials
      • Creating Dynamic Column Headings
  • Home
  • Docs
  • Developers
  • Getting Started
  • User Login & Creation
  • Permission Groups Overview

Permission Groups Overview

4 min read

This article discusses topics only applicable to users created via Azure Active Directory (AAD). For information on how to assign a Permission Group (i.e., an Attribute Based Permission) to a user, see How To Create & Assign Permission Groups. Permission Groups (also known as “Attribute Based Permissions” should not be confused with Content Limitations.

Permission Groups (also known as Attribute Base Permission) are used by Assette Admins to limit the scope of users based on Account, Product, and/or Recipients based on the data. Permission Groups helps to silo users and only show the user pertinent information— be the user a Subject Matter Expert or Portfolio Manager. Within each Permission Group there are several attributes which can be ascribed to each user or group of users and can be created as shown below. The attributes derived from the corresponding System Data Block, though that data ultimately is sourced from the respective Source Data Block.

Data BlockDescription
Account Master Data BlockThe Account Master (AccountMaster) Data Block is an Assette System Data Block which houses account attribute data such as asset class, share class, whether the account is open or not, etc. The Account Master (AccountMaster) Data Block is a System Data Block and is not usually edited by end users, though the dependency GetAccountMetaDataForSystemBlock Data Block is expected to be edited.
Countries Data BlockThe Countries Data Block surfaces the country codes and names. By default, this list is retrieved from Assette’s internal database. If a client desires to maintain their own countries list, the Data Block CountriesLocaldb must be modified.
Currency Codes Data BlockRetrieves the values for all currency codes including the ID, Symbol, description, isDeleted, and short code from the Source List of Currency Codes Data Block, a Constant Data Block. For more information, see Source List of Currency Codes Data Block.
Product Master Data BlockThe Product Master (ProductMaster) Data Block houses information related to offered products including the product’s name, asset class, whether it is a marketed or not, among other data points. If you are attempting to edit or update the Product Master, please see Product Master Sync (ProductMasterSync) Data Block and DEMO_SnowFlakeProductMasterExtract instead. The Product Master (ProductMaster) Data Block cannot be deleted though it can be edited.
Vehicles Data BlockThe Vehicles (Vehicles) Data Block is a System Data Blocks which surfaces vehicle types from the Vehicle Local Database (VehicleLocalDb) Data Block.

Permission Groups ensure that data-level restrictions are applied both during the generation of output and previewing of templates. This means that users can only generate or preview templates for the accounts and products assigned to them through their Permission Group. For example, if an attribute is defined for “USA” and 8 accounts are associated with that attribute, users in that permission group will be limited to generating or previewing reports for only those 8 accounts. Furthermore, users will also be able to see reports generated by others, but only for the accounts and products within their Permission Group. This ensures permissions are consistently enforced throughout the entire reporting process, from creation to review.

It is important to note that Permission Groups are strictly data-based and operate independently from limitations—which limit contents’ usage or inclusion in a wider context (e.g., a including a Smart Page in a Smart Doc). All users with the proper role can view and access all templates (including Smart Pages, Smart Docs, and Smart Shells), but the ability to generate reports with data is restricted to the accounts and products within their Permission Group. This ensures that while users can see the available templates, the data they can generate, and preview is limited to the accounts assigned to their specific permissions.

Impact on Clients Using SSO #

For clients using SSO, external roles defined within the client’s identity provider (such as Azure Active Directory) are mapped to internal roles defined within Assette. Upon logging in via SSO, a user automatically gains access to the relevant features based on the assigned internal roles, inheriting the appropriate permissions without the need for manual intervention.

To request for SSO users, clients should provide a detailed document outlining their external user roles and how they align with Assette’s internal roles. While roles in Assette restrict access to features, attribute-based permissions (ABP) control access to specific data. For example, a client’s “Authoring Team” might be mapped to the “Content Author” and “Workflow Admin” roles for feature access, with ABPs applied to further restrict data access. Once Assette receives this mapping document, the appropriate permission groups and data restrictions are created in the Admin Center, ensuring that SSO logins are accurately aligned with both user roles and data permissions.

Managing Attributes: What They Are, and How They Are Managed #

Attributes within Assette are defined and managed in the Admin Center’ Attribute Master. Here, administrators can create and manage different attributes that define access at various levels. Attributes could represent anything from accounts and products to specific content types or recipients. Only users with administrative access can create and modify these attributes, ensuring that permissions are tightly controlled.

Examples of Attribute-Based Permissions in Action

  1. Limiting Access Based on Account: Suppose that a user should only have access to content related to a specific account. An attribute can be created that restricts her access to only the account, both in terms of content generation and viewing output. This means that when Susy logs in, she will only see and interact with data pertaining to the account, ensuring a streamlined and secure experience.
  2. Restricting Access by Product: Consider a scenario where a user is responsible for generating content only for a particular product, “Equity Funds.” By creating a Permission Groups, permissions can be configured so that the user only has access to information and content generation options related to “Equity Funds.” This helps maintain focus and limits exposure to other unrelated product information.
  3. Managing Permissions Based on Recipients: In cases where different teams handle content for different recipient groups, such as “Institutional Clients” and “Retail Clients,” attributes can be set up to control access based on these recipient types. For example, a user assigned to the “Institutional Clients” attribute would only be able to generate content and view information meant for institutional recipients, keeping the content generation process efficient and tailored.

How to Create & Assign Permission Groups
Still stuck? How can we help?

How can we help?

Updated on October 31, 2024
Page Index
  • Impact on Clients Using SSO
  • Managing Attributes: What They Are, and How They Are Managed
  • Platform
  • Modules
  • AssetteAI
  • Who We Are
  • Who We Work With
  • Platform
  • Modules
  • AssetteAI
  • Who We Are
  • Who We Work With
  • Platform
  • Modules
  • AssetteAI
  • Who We Are
  • Who We Work With
  • Platform
  • Modules
  • AssetteAI
  • Who We Are
  • Who We Work With
  • Blog
  • News
  • Events
  • Contact
  • Blog
  • News
  • Events
  • Contact
  • Blog
  • News
  • Events
  • Contact
  • Blog
  • News
  • Events
  • Contact
X-twitter Linkedin Youtube

4 Faneuil Hall, 4th Floor
Boston, MA
02109 USA
Tel: +1.617.723.6161

Book a Demo
  • Privacy Policy
  • © 2025 Assette. All Rights Reserved
  • Powered By Artrivo (PVT) Ltd.