User attributes/groups as flow variable

Tamara_Braun · January 24, 2022, 7:19am

Hi,

we’re considering to use a KNIME WebPortal to provide reports/dashboards to specific user groups within the company, using OIDC for authentication.
A prerequisite would be that we are able to control access to data based on user attributes. Would it be possible to e.g. map a claim that we retrieve via OIDC to a KNIME user group and then use the user group as flow variable in a row filter?
Example use case: Every authenticated user can execute workflow X, but the report will only contain data from the user’s department.

marten_kose · January 24, 2022, 12:36pm

Hi @Tamara_Braun,

while there is no built in functionality that allows you to easily retrieve the user’s group information, it should be possible to retrieve that information via REST from the identity provider.

Alternatively you might want to restrict access on the DB system, such that users can only query data which they have sufficient permissions for.

system · February 23, 2022, 12:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.