Skip to main content

User Attributes

User attributes give Omni the ability to map user-specific variables to operations in the application - querying, dashboarding, or general permissions.

Default System User Attribute Types

Attribute TypeModeling ReferenceDescriptionParameters Restricting Data Access with User Attributes
Is Omni Administratoromni_is_org_adminIndicates if the user has a connection role of Adminaccess_grants, access_filters
Omni User Emailomni_user_emailUser's email addressaccess_grants, access_filters
Omni User Embed Entityomni_user_embed_entityUser's embedded entity informationaccess_grants, access_filters
Omni User Groupsomni_user_groupsGroups associated with the useraccess_grants, access_filters
Omni User IDomni_user_idUnique identifier for the useraccess_grants, access_filters
Omni User Nameomni_user_nameUser's nameaccess_grants, access_filters


Access Grants

User Groups Attribute

An example of how to utilize the User Groups attribute to limit access to content via access grants.

  1. In the model file define your access_grant::
user_attribute: omni_user_groups
allowed_values: [Docs]
  1. Choose whether to implement the access grant on a topic or on a specific field: a. Topic implementation
label: Transactional
required_access_grants: [docs_access]

b. Field implmentation

sql: CASE WHEN ${order_items.status} IN ('Complete') THEN true ELSE false END
required_access_grants: [docs_access]

Access Filter

Access filters allow users to use user attributes to filter access to a topic based on a user attribute value.

joins: {}
- field: state
user_attribute: region

Creating User Attributes

To define a new user attribute, click the 'New Attribute' button on the Attributes admin page. Each user attribute has the following settings:

  • Name: The name of the user attribute, how it will be displayed in the UI
  • Reference: How the attribute will be referenced in code, such as in the model
  • Type: Used to check that valid values are assigned to users. String and Number data types are allowed.
  • Multiple values: Specifies whether multiple values can be assigned to a user for this attribute
  • Description: Explanation of the attribute or how it will be used
  • Default value: Optionally, set a default value that all users will inherit if a value is not directly assigned to them

Assigning values to individual users

After defining a user attribute, assign a value for each user:

  1. Select the Users tab
  2. Select 'Edit Value' for the user you'd like to set
  3. Enter the new value
  4. The source field will show whether the user's value was set by inheriting the attribute default value (Default setting), or if the value was set specifically for the user (User setting)

Where can user attributes be used?

Access Filters

Access filters allow you to restrict the rows of data a user can access within a topic. Access filters apply the values assigned on a user attribute to the where clause of every SQL query a user runs, filtering out to only the data designated to that user. This is often the use case when building customer facing applications and transactions are collected across customers in a single table vs a schema per table.

Access Grants

Access Grants define topic and field level permissions can be controlled by creating an access_grant: in the model file. Omni will map user-specific variables, user_attributes, to a corresponding allowed value and determine if the user has the necessary permissions to access that topic or field.


User attributes can be referenced in fields using moustache syntax {{ omni_attributes.<attribute-name> }}.