All Products
Search

This Product

    Dataphin:Request Consumption Permission

    Document Center

    Dataphin:Request Consumption Permission

    Last Updated:Jun 17, 2026

    To use an asset, you must request consumption permission (table data access permission) for the table. You can request permission for a single table or for multiple tables in bulk.

    Prerequisites

    You have purchased the Asset Operations value-added service and enabled the Asset Operations module for your current tenant.

    Limits

    • Consumption permission requests are supported only for Dataphin tables or data source tables of the following types: MySQL (except MySQL 5.1.43), Oracle, MaxCompute, and Hive (except CDH5.x Hive 1.1.0).

    • If some fields are restricted from permission requests, you cannot request table-level permission. In this case, request field-level permission instead. The system automatically skips restricted fields. For details about data permission approval rules, see Data Permission Approval Configuration.

    Approval Process

    Changes to approval process settings (such as disabling permission requests) do not affect tickets that have already been created. You receive the requested permission only after the ticket is approved.

    Request Table Consumption Permission

    You can request consumption permission for a single asset or add multiple assets to the Application Cart to request permissions in bulk. To add an asset from the Application Cart to an in-progress permission request, click the image icon in the Actions column of the Application Cart panel.

    Request a Single Consumption Permission

    1. On the Dataphin homepage, in the top menu bar, choose Asset > Asset Catalog.

    2. Select the target asset and click Request Permission to go to the permission request page.

    3. On the Request Permission page, configure the parameters.

      Parameter

      Description

      Request Scope

      Asset Information

      Displays the asset name, highest sensitivity level (requires the Data Security module), and row-level permission details.

      Row-Level Permissions: If the requested data table or account is subject to row-level permission controls, click Row-Level Permissions or hover over the image icon next to a field to view control details.

      image

      Request Configuration

      Shows available consumption channels for the asset, including Notebook analysis, Quick BI dashboards, and Quick BI Downloads.

      Permission Granularity

      Table-level permission is selected by default. You can change it to field-level permission.

      • Table-Level Permission: Grants access to all fields in the table upon approval. New fields added later are automatically authorized. Use table-level permission when the table contains no sensitive data. Evaluate based on the table’s highest sensitivity level (requires the Asset Security feature).

      • Field-Level Permission: Grants access only to specified fields, following the principle of least privilege.

      • Select by Data Classification: Requires the Data Security feature. Lets you quickly select fields of a specific sensitivity level in bulk.

        If the project, business unit, or data source of the table has a custom permission approval policy with permission requests enabled, the approval template is determined by the table’s highest sensitivity level. If the table has no data classification, the default approval template is used.

      Field List

      • All fields in the table are selected by default. You can quickly filter fields using Data Sensitivity Level (requires the Data Security module), All Fields, Selected Fields, Unselected Fields, or Batch Select. You can also search by field display name or field name.

      • The field list shows the ordinal number, field name, field display name, field description, field type, data classification, and data sensitivity level.

      Row-Level Permission Selection

      Shows row-level permissions associated with the selected related table, including permission name, description, related table, whether a request is needed, and control rule information.

      • Request Required: Indicates whether the selected account has permission for the row-level control rules of the current related table.

        • If Yes, the selected account lacks permission for the row-level control rules of the current related table. We recommend requesting permission. Click the View icon to open the Control rule permissions for the selected account on the current row-level permission: dialog box and view the accounts that require permission.

        • If No, the selected account already has permission for one or more row-level control rules of the current related table. You can add other control rules. Click the View icon to open the Control rule permissions for the selected account on the current row-level permission: dialog box and view the granted row-level control rules.

      • Control Rule: Lets you select a control rule configured for the current row-level permission.

      Request Information

      Validity Period

      Select a validity period for the consumption permission: 30 days, 90 days, 180 days, permanent, or a custom duration.

      Request Reason

      Enter a reason for the request to help approvers understand your needs. The reason must not exceed 500 characters.

    4. Click Submit. You can view the approval task details in Task Hub > My Requests.

    Request Consumption Permissions in Bulk

    1. On the Dataphin homepage, in the top menu bar, choose Asset > Asset Catalog.

    2. Select the target assets, click Add to Application Cart, then click Application Cart to open the Application Cart dialog box.

    3. In the Application Cart, select up to 50 assets for which you want to request permissions in bulk. After selection, click the Request button at the bottom.

    4. On the Request Permission page, configure the parameters.

      Parameter

      Description

      Request Scope

      Bulk Configure Request Scope

      Applies to all assets in this request. If bulk configuration is enabled, you cannot modify permission settings for individual assets.

      • Table-Level Permission: Grants access to all fields in the table upon approval. New fields added later are automatically authorized. Use table-level permission when the table contains no sensitive data. Evaluate based on the table’s highest sensitivity level (requires the Asset Security feature).

      • Field-Level Permission: Grants access only to specified fields, following the principle of least privilege.

      • Select by Data Classification: If you have enabled the Data Security feature, you can quickly select fields of a specific sensitivity level in bulk.

      Note

      You must enable the Data Security module to select fields by sensitivity level for field-level permission requests.

      Asset List

      Click an asset name to view field details. To remove an asset from the request list, click the cancel request image icon.

      Asset Information

      Displays the asset name, highest sensitivity level (requires the Data Security module), and row-level permission details.

      Row-Level Permissions: If the requested data table or account is subject to row-level permission controls, click Row-Level Permissions or hover over the image icon next to a field to view control details.

      image

      Request Configuration

      Shows available consumption channels for the asset, including Notebook analysis, Quick BI dashboards, and Quick BI Downloads.

      Permission Granularity

      Table-level permission is selected by default. You can change it to field-level permission.

      • Table-Level Permission: Grants access to all fields in the table upon approval. New fields added later are automatically authorized. Use table-level permission when the table contains no sensitive data. Evaluate based on the table’s highest sensitivity level (requires the Asset Security feature).

      • Field-Level Permission: Grants access only to specified fields, following the principle of least privilege.

      • Select by Data Classification: If you have enabled the Data Security feature, you can quickly select fields of a specific sensitivity level in bulk.

        If the project, business unit, or data source of the table has a custom permission approval policy with permission requests enabled, the approval template is determined by the table’s highest sensitivity level. If the table has no data classification, the default approval template is used.

      Field List

      • All fields in the table are selected by default. You can quickly filter fields using Data Sensitivity Level (requires the Data Security module), All Fields, Selected Fields, Unselected Fields, or Batch Select. You can also search by field display name or field name.

      • The field list shows the ordinal number, field name, field display name, field description, field type, data classification, and data sensitivity level.

      Row-Level Permission Selection

      Shows row-level permissions associated with the selected related table, including permission name, description, related table, whether a request is needed, and control rule details.

      • Request Required: Indicates whether the selected account has permission for the row-level control rules of the current related table.

        • If Yes, the selected account lacks permission for the row-level control rules of the current related table. We recommend requesting permission. Click the View icon to open the Control rule permissions for the selected account on the current row-level permission: dialog box and view the accounts that require permission.

        • If No, the selected account already has permission for one or more row-level control rules of the current related table. You can add other control rules. Click the View icon to open the Control rule permissions for the selected account on the current row-level permission: dialog box and view the granted row-level control rules.

      • Control Rule: Lets you select a control rule configured for the current row-level permission.

      Request Information

      Validity Period

      Select a validity period for the consumption permission: 30 days, 90 days, 180 days, permanent, or a custom duration.

      Request Reason

      Enter a reason for the request to help approvers understand your needs. The reason must not exceed 500 characters.

    5. Click Submit. You can view the approval task details in Task Hub > My Requests.

    What to Do Next

    After your request is approved, you can view all authorized assets in the My Available list. For details, see View and manage my available assets.