Estimated reading time: 7 minutes

The following pages are tagged with

Title Page Summary
Data and object security Understand how to secure your data and other key information in ThoughtSpot.
About row level security (RLS) Using row level security, you can restrict data that appears in search results and pinboards by group.
Overview of security features There are several aspects of security, including access and permissions, data security and privacy, and security from an IT perspective. System Security refers to audit logs and security policies. Data Security refers to which users can see which data in the ThoughtSpot application, and includes:...
System security System security refers to audit logs and security policies.
How rule-based RLS works Use rule-based RLS to restrict a group's access to data. Users see only accessible row data.
ThoughtSpot Lifecycle This topic covers security processes for the entire lifecycle of a ThoughtSpot deployment from development, release, installation, upgrades, to software patc...
Set row level security rules Explains the process for setting RLS rules.
Data security Data security refers to which users can see which data in the ThoughtSpot application.
Security for SpotIQ functions SpotIQ is a feature in ThoughtSpot that automatically generates insights into system data. The feature works on all the data in your system, search queries, saved answers, and pinboards. Because SpotIQ uses the same data security model as other data in the system, there is no need to build a...
Revoke access (unshare) You may need to revoke access to an object (table, worksheet, or pinboard) that you have previously shared. Unsharing an object is very similar to sharing it. To unshare one or more objects: Go to the area where the object(s) you want to unshare is located. From the top...
About SAML ThoughtSpot can be set up with Security Assertion Markup Language (SAML) to enable Single Sign On (SSO). SAML can be configured in several ways, including with CA SiteMinder. For basic instructions on configuring SAML, use one of these procedures: Configure SAML, for instructions to configure SAML in ThoughtSpot....
Configure CA SiteMinder CA SiteMinder can be used as an Identity Provider for single sign on to ThoughtSpot.
Configure SAML ThoughtSpot can use Security Assertion Markup Language (SAML) to authenticate users. You can set up SAML through the shell on the ThoughtSpot instance using a tscli based configurator. Before configuring SAML, you will need this information: IP of the server where your ThoughtSpot instance is running. Port of...
Initialize the Identity Provider Metadata This procedure shows how to initialize the Identity Provider (IdP) metadata for AD FS.
Initialize the Service Provider Metadata This procedure shows how to initialize the Service Provider (SP) metadata for AD FS.
Configure Active Directory Federated Services You can configure Active Directory Federated Services (AD FS) to work with ThoughtSpot. This procedure outlines the basic prerequisites and steps to set up AD FS. Configure SAML in ThoughtSpot. Install AD FS 2.0. Make sure you can run AD FS 2.0 Federation Server Configuration Wizard from the...
Test the ADFS Integration After setting up the AD FS integration, test to make sure it is working properly. To test your AD FS integration, go to ThoughtSpot login page using a Web browser and try to login with SAML.