- Overview
- Platform setup and administration
- Platform setup and administration
- Platform architecture
- Data Bridge onboarding overview
- Connecting a Peak-managed data lake
- Connecting a customer-managed data lake
- Creating an AWS IAM role for Data Bridge
- Connecting a Snowflake data warehouse
- Connecting a Redshift data warehouse (public connectivity)
- Connecting a Redshift data warehouse (private connectivity)
- Reauthorizing a Snowflake OAuth connection
- Using Snowflake with Peak
- SQL Explorer overview
- Roles and permissions
- User management
- Inventory management solution
- Commercial pricing solution
- Merchandising solution
Supply Chain & Retail Solutions user guide
Roles and permissions
Roles group permissions so access can be assigned to multiple users at once. Users must belong to at least one role to access Peak.
To manage roles, open Settings and select Roles. You must have Admin privileges to access this area.
Default roles
Default roles are fixed and cannot be edited. You can view role details or add users to them, but you cannot change their permissions.
Peak includes these default roles:
| Role | Description |
|---|---|
| Admin | Full access to the platform for resource and access control. Assign this role only to Peak Admin users in your organization — never to customers. |
| Power User | Uses multiple areas of Peak to solve business use cases. |
| Commercial User | Uses Work areas for decision intelligence. |
Custom roles
If no default role fits a user's needs, you can create a custom role with a specific combination of permissions. For example, a "Reporting User" role might have read access to multiple Work areas, and can then be assigned to all members of a reporting team.
Creating a custom role
Follow these steps to create a custom role:
- In Peak, open Settings and select Roles.
- Select Create role.
- Enter a role name using alphanumeric characters and
@,-, or&. - Select Next.
- For each platform area, select Read, Write, or Deny.
- Select Create role.
The new role appears in the Custom roles list.
Updating or deleting a custom role
Follow these steps to update or delete a custom role:
- In Peak, open Settings and select Roles.
- In Custom roles, open the action menu for the role.
- Select View role details to edit permissions.
- Select Edit permission, then update permissions and select Save.
- To rename a role, open the action menu and select Rename.
- To delete a role, open the action menu and select Delete.
- Confirm the update or deletion.
The role is updated or removed. Deleted roles no longer grant access to users.
Adding users to a role
Assign users to roles to grant them the appropriate Peak access. Users can be added to one or more roles, and their permissions are the union of all assigned roles.
Follow these steps to add users to a role:
- In Peak, open Settings and select Roles.
- Open the action menu for the target role.
- Select Add users.
- Select one or more users.
- Select Save.
The selected users inherit the permissions of the role.
Permission levels
Each platform area can be assigned one of the following permission levels:
| Permission | Meaning |
|---|---|
| Read | View content without making changes. |
| Write | View and change content. |
| Deny | No visibility or access to the section. |
Permission examples
| Scenario | Required permissions |
|---|---|
| Allow a user to upload a file | Manage > Write: Data Sources, Files |
| Allow a user to download a file | Work > Write: Downloads |
| Allow a user to interact with a dashboard | Work > Read or Write: Apps |
API keys
API keys authenticate access to Peak APIs and data ingestion endpoints. An API key identifies and authenticates an application or user when calling an API. API keys help control and monitor API usage.
Peak uses API keys to authenticate API connections to external systems and to run processes such as data ingestion and data export. API keys are generated and managed in Settings.
Create a new API key in these scenarios:
- Your Peak organization is new.
- An existing API key has expired.
Key limits and expiration
- Keys are valid for three months.
- Up to two API keys can be active at a time.
Create an API key
Follow these steps to create a new API key:
- In Peak, open Settings and select Access tokens.
- In API keys, select Add.
- Copy the generated key for use in your applications.
Delete an API key
Follow these steps to delete an API key:
- In API keys, open the action menu for the key.
- Select Delete.
If a key is near expiration, create a new key or contact Peak Support to request an extension. If you create a new API key, update it everywhere the previous key is used.
External credentials
External credentials store repository access tokens securely for use in Workspaces, Workflows, and Web Apps.
Do not store credentials as plain text in repositories or input parameters, because other users can discover and copy them. External credentials provide a single managed location for these secrets, so you only need to refresh keys in one place.
Supported repositories
You can add external credentials for these repository systems:
- Custom
- Bitbucket
- GitHub
- GitLab
Add an external credential
Follow these steps to add a new external credential:
- In Peak, open Settings and select Access tokens.
- In External credentials, select Add.
- Enter a name and select the credential type.
- Enter the required repository credentials.
- Select Submit.
Update or delete a credential
- To edit a credential, select the pencil icon and update the values.
- To delete a credential, select the trash icon.
- Default roles
- Custom roles
- Creating a custom role
- Updating or deleting a custom role
- Adding users to a role
- Permission levels
- Permission examples
- API keys
- Key limits and expiration
- Create an API key
- Delete an API key
- External credentials
- Supported repositories
- Add an external credential
- Update or delete a credential