Unify and manage your data

Role-based access control (RBAC) - MDM tenant configuration

Learn how to set up your MDM tenant to view RDM lookup values according to RDM RBAC permissions

Set up your MDM tenant to view RDM lookups and canonical values per role-based access control (RBAC) permissions.

To enable MDM tenant linkage, the MDM tenant must be connected to the RDM tenant. Raise a support ticket to initiate the process. For more information, see topic Get help in Support Portal.

To apply RDM User Access Security and reflect RBAC configurations in the MDM UI, use the Self-service Tenant configuration to manage the setup. For more information, see topics Role-based access control (RBAC) for RDM and View and edit tenant configuration.

Important: If you have Support enable RDM user access security in your MDM tenant but do not configure RBAC in the RDM tenant, then users won't have access to RDM lookup values.
After setting this configuration:
  • MDM UI:
    • Users only see the RDM values according to their roles' access.
    • All values linked with RDM lookups continue to be transcoded as before, ensuring profile consistency across all users.
  • MDM API:
    • API requests for getting RDM values will be made to the RDM API with user permissions. This requires that all MDM tenant users have Reltio permissions to the RDM API endpoint (at least read permissions for RDM tenant lookups). These permissions are required only for MDM-RDM communication and are not related to metadata/data security.

Users with ROLE_ADMIN_CUSTOMER Access permissions and ROLE_ADMIN_USER Access permissions can assign the ROLE_RDM for the RDM tenant to an MDM user. This allows the MDM user to view permitted lookup values in the UI dropdown box, and request them directly via MDM API endpoints.