Revoke data access

||Connect docs via MCP

Remove a user's ability to query and preview a specific governed asset in Atlan when they no longer need that access. Revoking from the asset sidebar lists every access path the user has: personas, purposes, governance workflows, or connection admin: and lets you cut off whichever ones grant the access. You can also optionally raise a Jira or ServiceNow ticket from the same dialog to revoke the user's access at the source system (the database, warehouse, or BI tool).

Prerequisites

Before you revoke data access, make sure:

• You are an admin in Atlan, or you have the Governance Admin sub-role.
• The asset is a governed asset: covered by at least one governance workflow.
• To revoke access at the source, the relevant integration is set up: Jira Cloud or ServiceNow.

Data products are not supported

Revoke data access is currently not supported for data products.

Revoke access on assets

1. In Atlan, click Assets from the left menu to open the assets list.

2. Click on the asset you want to revoke access on. The asset sidebar opens on the right.

3. In the right menu of the Overview sidebar, click the Access tab. The Data access in Atlan tab lists every user with query or preview access on this asset.

4. Hover over the user you want to revoke and click Revoke. The Revoke data access dialog opens.

5. Under Review and modify how (username) can access this asset in Atlan, choose which access paths to revoke. Each path is listed separately:

   • Personas: uncheck to remove the user's access through this persona.
   • Purposes: uncheck to remove the user's access through this purpose.
   • Governance workflows: uncheck to remove access granted through a workflow.
   • Connection admin: uncheck to remove the user's connection admin rights on this connection.

6. (Optional) To also revoke the user's access at the source, choose one of:

   • Raise Jira ticket to revoke data access on source: opens a Jira ticket in your configured Jira Cloud integration.
   • Raise ServiceNow request to revoke data access on source: opens a ServiceNow request via your configured ServiceNow integration.

   If a webhook is configured for revoking data access in a source tool, you can optionally add a comment before submitting.

7. Click Revoke to confirm. Atlan removes the unchecked access paths immediately. If you opened a Jira or ServiceNow ticket, click View to see your request in the inbox.

Need help?

If a user still has access after revoke, double-check whether they belong to additional personas or purposes that also grant access: the dialog lists every path, but a user with many paths needs them all unchecked to fully lose access. Contact Atlan Support if the issue persists.

See also

• Protect sensitive data (overview): How purposes scope data access.
• Scope team access (Personas): The team-based companion to purposes.
• Automate data governance: How governance workflows grant the access this page revokes.
• Manage tasks: Track revoke requests opened via Jira or ServiceNow.