Data modeling access control is based on spaces. When you control access to a space, you can control read and write for schemas and instances separately. For each space, you can give some users write access to the schema while allowing others to read the schema and write data instances.Documentation Index
Fetch the complete documentation index at: https://docs.cognite.com/llms.txt
Use this file to discover all available pages before exploring further.
Access control lists (ACLs)
The ACLs used to control access in DMS are:-
dataModelInstances: controls access to instances (nodes and edges.)READ: allows reading instances.WRITE: allows reading, creating, modifying, and deleting instances.WRITE_PROPERTIES: allows writing properties without allowing creation/deletion of instances.
-
dataModels: controls access to schemas (spaces, containers, views, and data models.)READ: allows reading schemas.WRITE: allows reading, creating, modifying, and deleting schemas.
all: grants access to all resources in all spacesspace: grants access to resources in the specified spaces
- Read instances in all spaces.
- Modify/delete instances in
space1. - Write properties to instances in
space2using views/containers you have read access to. - Read and modify schemas in all spaces.
Autocreate instances
You can only autocreate instances in spaces you have write access to. Even if you setautoCreateDirectRelations to true when ingesting, the nodes in the spaces you only have read access to must already exist.