Skip to main content
Personalized Data Permissions (PDP) allow you to create a customized experience for each Domo user through the definition of Entitlement Policies. Using Entitlement Policies, you can filter data in a DataSet for specified users and/or groups. In other words, the same DataSet can have a card displayed to three different users and display a filtered visual of information based on the user viewing the cards. PDP Example PDP policies are applied almost anywhere in Domo that data from this DataSet is used, including the following:
  • Cards: When a KPI or Sumo card is powered by a DataSet with PDP policies in place, impacted users and groups can only view data on the card that is relevant to them
  • Alerts: PDP policies in an alert serve to filter the data and regulate which users can subscribe.
  • DataFlows: While you cannot add input DataSets to a DataFlow if you are limited by PDP policies, it is possible to apply policies to the output DataSets generated by the DataFlow.
Sharing cards affected by PDP policies with users who are not part of the PDP policy will result in them being unable to view the content. However, they can click a button on the card to request to be included in the policy.

Creating a Personalized Data Permission (PDP) policy

In order to create a personalized data permission policy you will need to have both the dataset_id of the dataset that you would like to apply a filter as well as the user_ids or group_ids that will have access applied. Once you have a dataset_id and either auser_id or group_id, choose filter.columns within the DataSet to apply filters. Each filter will need a filter.value and a filter.operator as seen in the example below. Sample Request See this sample request in Java, Python. 
POST https://api.domo.com/v1/datasets/4405ff58-1957-45f0-82bd-914d989a3ea3/policies
Content-Type: application/json
Accept: application/json
Authorization: bearer <your-valid-oauth-access-token>

{
  "name": "Only Show Attendees",
  "filters": [ {
    "column": "Attending",
    "values": [ "TRUE" ],
    "operator": "EQUALS"
  } ],
  "users": [ 27 ]
}
Domo will return a subset of the DataSet object specific to the data permission policy. Sample Response 
HTTP/1.1 201 Created
Content-Type: application/json

{
  "id" : 8,
  "type": "user",
  "name": "Only Show Attendees",
  "filters": [ {
    "column": "Attending",
    "values": [ "TRUE" ],
    "operator": "EQUALS",
    "not": false
  } ],
  "users": [ 27 ],
  "groups": [ ]
}

Listing all PDP policies applied to a DataSet

It is useful to see what existing permission policies have already been applied to the DataSet. This information can be used as a reference to mirror similar group or user access when creating new policies with other DataSets. The dataset_id is required to retrieve all of a Dataset’s policies as seen below. Sample Request See this sample request in Java, Python. 
GET https://api.domo.com/v1/datasets/4405ff58-1957-45f0-82bd-914d989a3ea3/policies
Accept: application/json
Authorization: bearer <your-valid-oauth-access-token>
Domo will return all PDP policies that are applied to the DataSet specified in request. 
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 234

[ {
  "id" : 8,
  "type" : "user",
  "name" : "Only Show Attendees",
  "filters" : [ {
    "column" : "Attending",
    "values" : [ "TRUE" ],
    "operator" : "EQUALS",
    "not" : false
  } ],
  "users" : [ 27 ],
  "groups" : [ ]
} ]

Updating a PDP policy

Because users and groups change so frequently in addition to data, programmatically updating a DataSet policy can ensure better accuracy and timeliness when managing access rights to sensitive data. In order to update a DataSet Personalized Data Permission (PDP), you will need both the dataset_id and the policy_id. Sample Request See this sample request in Java, Python. 
PUT https://api.domo.com/v1/datasets/4405ff58-1957-45f0-82bd-914d989a3ea3/policies/8
Content-Type: application/json
Accept: application/json
Authorization: bearer <your-valid-oauth-access-token>

{
  "name" : "Not Attending",
  "filters" : [ {
    "column" : "Attending",
    "values" : [ "TRUE" ],
    "operator" : "EQUALS",
    "not" : true
  } ]
}
Domo will return a subset of the DataSet object specific to the data permission policy. 
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8

{
  "id" : 8,
  "type" : "user",
  "name" : "Not Attending",
  "filters" : [ {
    "column" : "Attending",
    "values" : [ "TRUE" ],
    "operator" : "EQUALS",
    "not" : true
  } ],
  "users" : [ 27 ],
  "groups" : [ ]
}

Have additional questions?

No problem, we’d love to help. Explore additional guides and articles or join other developers in Domo’s Developer Forum. For further help, feel free to email us or contact our sales team.