Update what a user can do in Cube by assigning a new user type or what they can view or edit by assigning a new data access group.
User types control feature-level access—what pages a user can see, and whether they can view or edit content. You can assign a default type (Admin, Finance, Business) or a custom one.
Data access groups define visibility and edit rights across dimensions like Account, Entity, and Time. Assign a default data access group (Full Access or Read All) or create a custom one to choose exactly what dimensions can be seen or edited.
These permission sets work together to enable the right level of access for each user. For example, you can combine them to create roles for someone who can only see and edit their own team's data, or someone who can refresh a dashboard to see all data in Cube except headcount data.
You can also assign multiple roles to a single user—Cube will apply the most permissive access across all assigned user types and data groups.
- On the Users tab of the Users page under the Admin section of the Cube workspace, locate the user whose access you want to update. Use filters to narrow by status or role if needed.
- Click the Edit icon to the right of their name:
- Click the X to remove an assigned user type or data access group
- Choose one or more user types or data access groups to assign.
Review your updates and click Save. The new permissions take effect immediately.