Skip to Content
Product Information
Author's profile photo Heiko Schneider

Preliminary Information SAP Datasphere – Scoped Roles

In Q4/2023 a new capability for SAP Datasphere is delivered which is highly requested by customers and users: Space Dependent Permissions (Scoped Roles).

With this new functionality it will be possible to assign authorizations (Roles) on Space level. This means a user can be ‘Modeler’ in Space A and just a ‘Consumer’ in ‘Space B’ within the same tenant of SAP Datasphere.

Along with Scoped Roles there are some aspects to be considered as well as related functionalities which have been developed. We want to share this information in preliminary Information Sessions:

Session 1 is about the fundamental concept of Scoped Roles and includes also demos of the targeted first version which is planned to be shipped In October timeframe of 2023.

When Scoped Roles are shipped, a conversion of the existing roles to the new Scoped Roles need to be performed. This conversion is non disruptive with regards to privileges assigned to existing users as well as the Spaces they have been allowed to access at time the time the migration happens. Session 1 includes also information on the conversion process.

Session 2 covers topics which are related to Scoped Roles and where the focus was on integrating capabilities like SAML attributes and the Command Line Interface (CLI) with Scoped Roles. Another chapter of Session 2 is about managing Scoped Roles in a centralized approach (i.e. by a central IT department) versus a de-centralized approach where the user (and Role) assignment is done by the Space Administrator.

We also want to share further assets on this topic in future here, please stay tuned:

Assigned Tags

      1 Comment
      You must be Logged on to comment or reply to a post.
      Author's profile photo Benjamin Wood
      Benjamin Wood

      Good Morning Heiko,

      Your talk on Wednesday in the Datasphere Adoption Lab was very informative, thank you. During that you mentioned plans for Scoped Roles, so I decided to look into them more.

      This is a brilliant step forward in space management. We are looking to have a closed production space where business users have read-only access to approved and verified models, and an ad-hoc space where they can create their own content with a process in place to have those models verified and moved to the production space.

      I have a question, will it be possible to stop users from sharing to a certain space? Or would we have to prevent sharing from a space instead?


      Many Thanks

      Benjamin Wood
      Data Developer
      Cadent Gas