search

Dataset-Level VS Row-Level Security

Toucan AI empowers you to control data access at multiple layers, ensuring every user sees exactly what they’re supposed to—no more, no less. Understanding the difference between dataset-level and row-level security is key to designing a secure and flexible analytics environment.

hashtag
Dataset-Level Security

Dataset-level security restricts access to entire datasets. If a user doesn’t have permission for a dataset, they can’t see any of its data—period.

  • Use case: You want to share sales data with the Sales team, but keep HR data private.

  • How it works: Permissions are assigned at the dataset level. Users without access won’t even know the dataset exists.

  • Typical roles: Admins, dataset owners, or specific teams.

Example: A “Finance” dataset is only visible to users in the Finance group. Others can’t query or visualize it at all.

hashtag
Row-Level Security (RLS)

Row-level security (RLS) takes things further by filtering data within a dataset based on user attributes (like department, region, or role).

  • Use case: You want all Sales Reps to access the same “Sales” dataset, but only see their own region’s data.

  • How it works: RLS policies dynamically filter rows at query time, using user claims or attributes.

  • Typical attributes: User ID, department, region, team, or custom fields.

Example: All users can access the “Customer Orders” dataset, but a rep in France only sees orders from France, while a manager sees all regions.

hashtag
When to Use Each

  • Dataset-level security: Use when you need strict boundaries between datasets (e.g., different departments, clients, or business units).

  • Row-level security: Use when users should share a dataset but only see a subset of the data relevant to them.

hashtag
Best Practices

  • Combine both approaches for maximum security and flexibility.

  • Start with dataset-level restrictions, then layer RLS for fine-grained control.

  • Always test policies with real user scenarios to ensure correct access.

hashtag
Why It Matters

Layered security ensures compliance, privacy, and a tailored analytics experience for every user—without duplicating datasets or dashboards.

PreviousPermission level overviewNextHow-to

Last updated