User Guide

Role-based access control


About role-based access

User access to features and data in a workspace is managed through a permissions model with multiple levels of access controlled roles. These are governed by a workspace Administrator.

This detailed level of role-based access control allows users to operate specific features of platform, subject to having been given specific permission to do so.

All platform users are registered with a default set of permissions at a workspace level, based on a standard set of roles, (Observer, Standard User and Workspace Administrators), as detailed in the descriptions and table below.


Access roles



The Observer role has the following curated permissions:

  • Can access, but not manipulate data or upload data via SFTP.
  • Can read documents, but cannot upload datafiles or files.
  • Can run mini-apps, but cannot create, publish, preview or delete them.
  • Can create notes, as well as edit and delete their own.
  • Can view/read list of workspaces that they have been granted access to, and view associated members.
  • Observers cannot view audit data.

Standard user

The Standard User role has the following curated permissions:

  • Can upload data via SFTP, and access/manipulate data.
  • Can create, collaborate on, and delete files.
  • Can create, preview, publish, delete and run mini-apps.
  • Can install, run and delete software in the virtual desktop in order to do analysis.
  • Can create notes, as well as edit and delete their own.
  • Can create comments, as well as edit and delete their own.
  • Can view/read list of workspaces that they have been granted access to, and view associated members.
  • Standard Users cannot view audit data.


The Administrator role has the same permissions as a Standard User, however they also have the following additional authorisations:

  • Can buy workspaces.*
  • Can purchase upgrades available for their workspace(s) i.e. virtual desktop, additional disk capacity, and additional Workspace+*
  • Manage access to their workspace(s).
  • Access the audit of their workspace(s).

Role-based privileges

  List/Read Create Update Destroy Publish/Preview Run Install
R Session          
Workspace Members    
Virtual Desktop
Figure 6: Role-based privileges Workspace Administrator, Standard User, Observer

Managing workspace memberships and privileges

Workspace Administrators can invite members to, and remove them from, a workspace. They are responsible for ensuring that only appropriate individuals are invited to become members of their workspaces.

Before a user can be invited to a workspace they must have an AnalytiXagility account. Due to the sensitive data contained within AnalytiXagility, all account requests must be placed by the workspace Administrator to AnalytiXagility’s administrator by emailing*

Once the requested person has been granted a user account, the Administrator can invite them to their workspace. This can be done by

  • visiting the Administrator’s homepage to display their full list of workspaces
  • clicking on the workspace the new user should be added to

By clicking on Invite or Edit Members to display the Edit Workspace Members window in the panel on the right hand side of the window.
tools sidebar, grabbed on 17.01.17, using XAP version 1.19.1 2740-8759a, from

From here individual users can be selected by clicking Invite next to their name.
edit workspace members, grabbed on 24.01.17, using XAP version 1.19.1 2740-8759a, from

Figure 7: Inviting users to a workspace

Note the status indicators to the right of the users name; this indicates if users have accepted the invite (green), or if the invite is still pending (yellow).

When the Administrator has added all required members, they should click Save Changes.

Removing users from a workspace can be done in the same manner, simply click the Remove button beside the users to be removed from the workspace.
*Dependant on your specific platform subscription.


To contact support, send an email to the Aridhia service desk: