This applies to: Visual Data Discovery

Your users can access Symphony, after you've defined their user accounts, added users to groups, and optionally, added users to tenants to grant access to content creation, content management, content access, and use.

Symphony supports several approaches to authenticating users, including SAML and LDAP. Choose the best approach given your existing constraints and objectives. A complete list of authentication tools supported by Symphony is provided in Symphony Supported Authentication Tools.

Note: SAML and LDAP groups that are automatically created in Symphony must be manually assigned group data source access and privileges.

Once authenticated, users have authorization to perform Symphony functions and access Symphony resources as defined by their group membership.

Use the following features to define and provide product access and authorization in Symphony.

• Symphony tenants: Use to separate Symphony product resources as necessary. Assign users to multiple tenants to allow access to each tenant's resources. You can further set up different groups, data connections, data sources, dashboards, and visuals for each tenant. See Manage Symphony Tenants.

• User accounts: Define access for individual users in Symphony. Assign users to one or more groups to give them access to Symphony data sources and product features. Users can belong to multiple groups in multiple tenants.

• Groups: Use to assign privileges to groups of users. Groups are most useful when a number of Symphony users require the same access restrictions. Users can be assigned to multiple groups. See Manage User Groups in Visual Data Discovery.