Blogs

Community Show: Get access right: Best practices for roles and permissions

By Sara Brams-Miller posted an hour ago

  

 

Our most recent community show focused on a foundational part of data governance: getting roles and permissions right. The session, led by Uttam Somani, Senior Product Manager at Reltio, explored how access management impacts data quality, audit readiness, operational control, and the safe use of Reltio AgentFlow and MCP Server.

Why access belongs in your data governance program

Uttam opened the session by reinforcing that access management is not just an IAM task. In master data management, access directly affects golden records, downstream systems, and audit outcomes.

When a user merges, deletes, exports, or updates production data, they are not simply changing a screen. They may be changing data that downstream CRM, ERP, analytics, and AI systems depend on. That makes role design a governance issue—not just a permissions issue.

Key best practices for roles and permissions

  • Apply least privilege by default: Give users the access they need for their work, and no more.

  • Separate dev, test, and prod access: The same person may need broader rights in dev, but tighter controls in production.

  • Use groups for scalability: Assign roles to groups, not individuals, whenever possible.

  • Authenticate humans and machines differently: Use SSO (with MFA where required) for people; use client credentials for integrations—not shared human accounts for batch jobs.

  • Avoid admin access for convenience: Temporary admin rights often remain in place longer than intended.

  • Use one client per integration: Separate client credentials by use case, such as MuleSoft, Power BI, or ETL.

  • Review permissions regularly: Quarterly access reviews help remove unnecessary privileges before they create risk.

Understanding Reltio’s three authorization layers

Uttam explained that authorization works across three layers. Each layer plays a different role in controlling what users and systems can do.

  • Console roles: Control access to applications, hubs, tenant administration, user management, and admin APIs

  • Metadata security: Defines what a role can do on entity types, relationships, attributes, merge, delete, and workflow actions

  • Data security filters: Refine access further by limiting users to specific record-level scopes, such as geography or business region (same configuration family as metadata security, with an additional filter).

One important takeaway: role names must match exactly between user management and metadata security configuration. Even a small mismatch can create access issues that are difficult to debug.

Personas and access patterns

The session also covered common personas and how their access should be managed.

  • Tenant admins should remain a small, named population with clear ownership responsibilities

  • Data stewards should have access to update and merge the data they own, without broad tenant admin privileges

  • Business readers should have read-only access, without merge, delete, or export privileges

  • Integration clients should use narrow API roles, client credentials, and tenant-specific permissions

Uttam emphasized that mature programs design access around personas and groups—not individual exceptions.

Roles and permissions for AgentFlow and MCP Server

The session also addressed how roles and permissions apply to Reltio AgentFlow and Reltio MCP Server. AgentFlow does not introduce a separate security model. It uses the same user management and governance foundation already in place for Reltio MDM.

When a human uses AgentFlow, actions run as that human with their OAuth token. If metadata security denies a merge in Reltio Hub, AgentFlow cannot bypass that restriction. The same console roles, metadata security, and data filters continue to govern the underlying APIs.

Uttam also reviewed the additional roles needed for agent execution, including MCP execution, agent execution, agent authoring, agent approval, and agent administration.

Common anti-patterns to avoid

Uttam closed with practical examples of what often goes wrong in mature environments.

  • Admin for convenience: Giving someone tenant admin access “for two weeks,” then forgetting to remove it

  • One API client for everything: Reusing the same client credential across multiple integrations

  • One human with admin and API access across many tenants: Creating unnecessary risk and audit complexity

The recommended fix is to duplicate system roles, remove privileges aggressively, create purpose-built custom roles, assign through groups, and document why each role exists.

Conclusion

Today’s community show reinforced that roles and permissions are a core part of data governance. The right access model helps teams protect production data, improve audit readiness, reduce operational risk, and support secure adoption of AgentFlow and MCP Server.

By using least privilege, persona-based groups, tenant-specific role assignments, and regular access reviews, teams can create a stronger foundation for trusted data and governed action across Reltio.

#CommunityWebinar

#Featured

#DataGovernance

0 comments
1 view

Permalink

https://community.reltio.com/blogs/sara-brams-miller/2026/05/28/best-practices-for-roles-and-permissions