There are 8 different site roles that can be assigned to your Tableau Server users. The roles determine how much access each user has to the content stored on the server and are assigned at a ‘Site’ level. Individual users can therefore have different levels of access depending on what section of the server they are in (see Anna’s blog for a bit more info on Sites). Roles can be assigned when the user is created or they can be edited for users that have already been created.
- Server Administrator: Full access to all server and site functionality, all content on the server, and all users. They can basically do whatever they want.
- Site Administrator: Like a Server Admin but only for individual sites, not the server as a whole. They have unrestricted access to the only the site that they are Admin for. Can add users and change site roles on their site but only if the Server Admin has given them permission. A user can be a site administrator on multiple sites
- Publisher: Publishers can connect to the server from Tableau desktop and upload workbooks and data sources. They can also interact with and download the views that are on the server.
- Interactor: Interactors can browse the server, and interact with the published views but they are not allowed to publish.
- Viewer: As the name suggests, they can view workbooks, however they will only get a flat image and cannot interact with it.
- Unlicensed: Unlicensed users cannot sign in to the server. Mainly used to free up license spots without removing the user (which would make the content they have created unreachable).
- There are also Viewer (can publish) and Unlicensed (can publish) roles that would primarily be used for automated scripting activities.
User roles are not the only way of controlling who can see and do what on your Tableau server. Permissions can also be set on Projects, Workbooks and Data Sources to control user privileges. It is important to be aware that the site role of a user will overrule any permissions that may be set at a project level so it is important to get the roles right when the users are set up. For example, if you set an employee’s workbook permissions to ‘Editor’ but their role is only Interactor then they will only be able to view and interact with workbooks, not create or edit them.