Create a role and assign labels

IMPORTANT

Before managing permissions for a role, create a policy. For more information, refer to Adobe Experience Platform documentation.

Roles are a set of users that share the same permissions, labels, and sandboxes within your organization. Each user belonging to a Role is entitled to the Adobe apps and services contained in the product. You can also create your own Roles to fine-tune users’ access to certain functionalities or objects in the interface.

To grant selected users access to the Nationality field labeled C2, create a new Role with a specific set of users and grant them the label C2, allowing them to use the Nationality details in a Journey.

  1. From the Permissions product, select Role from the left pane menu and click Create role. Note that you can also add Label to built-in roles.

    Create a new role in the Permissions product

  2. Add a Name and Description to your new Role, here: Restricted role demographic.

  3. From the drop-down, select your Sandbox.

  4. From the Resources menu, click Adobe Experience Platform to open the different capabilities. Here, we select Journeys.

  5. From the drop down, select the Permissions linked to the selected feature such as View journeys or Publish journeys.

  6. After saving your newly created Role, click Properties to further configure access to your role.

  7. From the Users tab, click Add users.

  8. From the Labels tab, select Add label.

  9. Select the Labels you want to add to your role and click Save. For this example, grant the label C2 for users to access the previously restricted schema’s field.

    Save the label configuration

The users in the Restricted role demographic role now have access to the C2-labeled objects.

Assign labels to an object in Adobe Experience Platform

WARNING
Incorrect label usage can break access for people and trigger policy violations.

Labels can be used to assign specific feature areas using attribute-based access control. In this example, access to the Nationality field is restricted. This field will only be accessible to users with the corresponding Label assigned to their Role.

Note that you can also add Label to Schema, Datasets and Audiences.

  1. Create your Schema. For more information, refer to this documentation.

  2. In the newly created Schema, we first add the Demographic details field group that contains the Nationality field.

  3. From the Labels tab, check the restricted field name, here Nationality. Then, from the right pane menu, select Edit governance labels.

    Edit governance labels for the field

  4. Select the corresponding Label, in this case, the C2 - Data cannot be exported to a third-party. For the detailed list of available labels, refer to this page.

  5. Further personalize your schema if needed, then enable it. For detailed steps on how to enable your schema, refer to this page.

Your schema’s field will now only be visible and usable by users who are part of a role set with the C2 label. By applying a Label to your Field name, the Label will automatically apply to the Nationality field in every created schema.