Secured Variables are about accessing data. They differ from Node Variables in several ways:
- They are defined globally, which means they can be reused across any connection.
- Their values are derived from provisioning information instead of datasets. The value of a Secured Variable is based on the Domain a user belongs to, rather than data from a record that was clicked.
- Secured Variables are not exposed as Page Variables. They are used to restrict data, not to add interactivity.
Secured Variables are typically used in queries to restrict the records that a user can see. They can also be used inside connections to route users to appropriate sources. Like Node Variables, the values for Secured Variables need to be constrained so that underlying queries don’t break. With Secured Variables, this is handled through the concept of “Defaults”, which is handled through the provisioning UI. See “Configuring Secured Variables”
Secured Variables and Provisioning #
One of the reasons for using Secured Variables is to limit the records returned based on user information. Some examples include the following:
- A dataset may contain records from multiple companies. An administrator may need to restrict access to this data based on the company that a user works for.
- A dataset may contain a mix of classified and unclassified information. An administrator may need to prevent access based on security clearance.
In both cases, information needs to be restricted based on provisioning information for a user. This can be configured individually per user, or for a group of users using the concept of Domains. See Provisioning for more information.