Groups, Roles and Permissions are the guardrails of your Less application. Once you start adding more users to the platform, you'll probably want to restrict certain people from doing certain things.

For instance, you might not want everyone to access a specific HR connection with sensitive salary and person data. Similarly, perhaps only admins should have the ability to add or create new databases. Roles, Groups and Permissions helps you in such cases.

The basic workflow works by first inviting users to the platform. Then you add users to Groups. A Group could be Finance Analyst or Admins. On an asset - database, folder, connection or model - you then assign groups a certain Role. A Role (e.g. Editor) is a pre-built bundle of low-level Abilities (e.g. Create Connection) which ultimately restricts that Group from doing certain things. For instance, you might give your Finance Analyst Group an Editor Role on a folder containing 10 finance-related connection. The users in the Finance Analyst Group will then be able to do things like creating new models, accessing the output of the connectors, etc.