Permissions & data access
Once users are in your workspace, permissions control what they can see and do. Atlan layers a few mechanisms, and which one you reach for depends on what you are scoping: access by team, by data sensitivity, by connection, or hiding specific assets entirely.
Your platform role sets the ceiling on what is possible at all. Personas and purposes then scope that access to the right assets. The sections below help you pick the right control.
Which control to use
Personas: scope by team
Bundle users and groups with policies and a curated catalog view. Use when different teams should see different parts of the catalog.
Purposes: scope by tag
Apply policies to every asset carrying a tag such as PII, across all teams. Use for sensitivity-driven rules and column masking.
Connection access: scope by source
Control who can administer a connection and which credentials users query with. Use when query access depends on credentials.
Restrict visibility: hide assets
Hide specific assets or glossaries from users who should not see them. Use to keep a least-privilege catalog.
Personas or purposes?
The two main controls scope access along different dimensions, and most teams use both together:
How layers combine
Role, persona, and purpose stack. Your platform role sets the ceiling, personas and purposes add scoped grants (a user gets the union of all their grants), and an explicit deny in any policy overrides every grant, including the Admin role. For the full evaluation order and the "which wins" table, see how access policies combine.
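The stacking rule above, written as a small evaluator. This is an added illustration, not Atlan's policy engine or API: the role ceilings, action names, asset paths and policies are constructed, and treating Admin as a grant on every asset is an assumption made for the model.

```python
from dataclasses import dataclass

# Assumed role ceilings, constructed for illustration (not Atlan's real matrix).
ROLE_CEILING = {"admin": {"read", "update", "query"},
                "member": {"read", "update", "query"},
                "guest": {"read"}}

@dataclass(frozen=True)
class Policy:
    source: str             # "persona:<name>" or "purpose:<tag>"
    effect: str             # "allow" or "deny"
    actions: frozenset
    asset_prefix: str = ""  # persona policies scope by asset path
    tag: str = ""           # purpose policies scope by tag

    def matches(self, asset, action):
        if action not in self.actions:
            return False
        if self.tag:
            return self.tag in asset["tags"]
        return asset["path"].startswith(self.asset_prefix)

def decide(role, policies, asset, action):
    """Return (allowed, reason) for one user, asset and action.

    `policies` holds every policy from the user's personas and purposes.
    The order of checks only affects the reason string, not the outcome.
    """
    hits = [p for p in policies if p.matches(asset, action)]
    denies = [p for p in hits if p.effect == "deny"]
    if denies:  # an explicit deny beats every grant, Admin included
        return False, f"explicit deny from {denies[0].source}"
    if action not in ROLE_CEILING[role]:  # the role caps what grants can unlock
        return False, f"role '{role}' ceiling excludes '{action}'"
    if role == "admin":  # assumption: Admin acts as a grant on everything
        return True, "admin role"
    allows = sorted({p.source for p in hits if p.effect == "allow"})
    if allows:  # union: any one matching grant is enough
        return True, "granted by " + ", ".join(allows)
    return False, "no matching grant"

# Constructed sample assets and policies.
ORDERS = {"path": "snowflake/sales/orders", "tags": {"PII"}}
EVENTS = {"path": "snowflake/web/events", "tags": set()}
POLICIES = [
    Policy("persona:sales", "allow", frozenset({"read", "update"}), asset_prefix="snowflake/sales/"),
    Policy("purpose:PII", "allow", frozenset({"read"}), tag="PII"),
    Policy("purpose:PII", "deny", frozenset({"query"}), tag="PII"),
]
```

Running `decide("admin", POLICIES, ORDERS, "query")` returns a denial from the PII purpose, while the same call against `EVENTS` is allowed, which is the deny-overrides-Admin case in miniature.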