Security model of Graphlytic contains these base entities: User, Group, Permission. Permissions are assigned to groups and users are members of groups. User has all permissions of groups which he is member of.

Application Permissions for User Groups can be managed on the User Groups page, accessible in the Main menu (top right).

List of permissions

Category	Permission	Short description
Data	Read all data	Users with this permission can view all data (all nodes and relationships). Users without this permission can view only data allowed by the Data Security filter.
	Export data	Users with this permission can export data to CSV and PNG.
	Data management	Users with this permission can manage data (create/update/delete), (see Create, update, delete data).
Visualization	Share visualization	User with this permission can share visualizations to any user group which he is a member of, or he can share to users who are members of these groups.
	Share visualization with everyone	Users with this permission can share visualization to any group user or to any user in Graphlytic.
	View all visualizations of all other users	Users with this permission can view all existing visualizations in Graphlytic. Users without this permission can view only visualizations created by them or shared with them.
Users	User management	Users with this permission can manage groups and users (see Groups and Users).
Users	Grant all permissions to users	Users with this permission can assign any permission to a user group, add/remove users to/from any user group, delete any user group, delete any user. Users without this permission can assign only permissions which he also has, add/remove users only to/from user groups if permissions of the group are a subset of his permissions, delete a user group if permissions of the deleted user group are a subset of his permissions, delete a user if the permissions of the deleted user are a subset of his permissions.
Application	Settings management	Users with this permission can manage global application settings (see Settings).
	Jobs management	Users with this permission can manage ETL jobs (see ETL jobs). It's possible to write scripts with access to server files, assign this permission with great caution.
	ACL data management	Users with this permission can manage the Data Security filtering rules.
	API Documentation and testing	Users with this permission have access to the API Documentation and testing page (Swagger UI). It's possible to run API calls which can lead to changes in graph data, running jobs, or managing users. Every call is going through the authorization layer but please assign this permission with great caution.