Skip to main content


Authorization specifies what accesses an authenticated user has within a system. This section is all about how DataHub authorizes a given user/service that wants to interact with the system.


Authorization only makes sense in the context of an Authenticated DataHub deployment. To use DataHub's authorization features please first make sure that the system has been configured from an authentication perspective as you intend.

Once the identity of a user or service has been established, DataHub determines what accesses the authenticated request has.

This is done by checking what operation a given user/service wants to perform within DataHub & whether it is allowed to do so. The set of operations that are allowed in DataHub are what we call Policies.

Policies specify fine-grain access control for who can do what to which resources, for more details on the set of Policies that DataHub provides please see the Policies Guide.