/
Row Level Security using LDAP

Row Level Security using LDAP

You can set up a Parameterized Row Level Security (RLS) filter to control access to rows in a database table by using custom attributes on an LDAP server.

To use this feature, users and their details must be set up on an LDAP server. Set up custom attributes on the LDAP server and create a group in Kyvos of these users. Then, define a parameterized RLS filter on the semantic model for this group. The filter contains a parameter that is resolved at the time of the query.

To define a parameterized RLS filter, perform the following steps: 

  1. From the Toolbox, click Semantic Models.

  2. Click the Actions menu (...) in the work area and then click Data Security.

  3. Click users or groups that this rule will apply.

  4. Click the plus sign in the Rules column.

  5. Add a rule name and description.

  6. Click Row Level.

  7. Specify the field name and for criteria choose the parameter. Then select an LDAP custom attribute.

    image-20240111-095828.png

  8. Click Add.

Copyright Kyvos, Inc. 2025. All rights reserved.