Popdock November 2024 Release Post Migration Security

Published: Nov 07, 2024

Popdock November 2024 Release Post Migration Security

Published: Nov 07, 2024

Now that you’ve been migrated to the updated version of Popdock, you’ll want to check security and verify your user’s access.  Security has been enhanced and there are some roles that did not previously exist and some roles that have been changed.  To check your security settings, go to the main menu and select Security.  You’ll see all your users and teams here.  The latest version of Popdock has predefined roles that you’ll find under both the user and team.  We recommend creating teams based on the areas the user is responsible for.  Then assign roles to the team, and then assign users to the team. 

To check the roles a user or team has, select your user or team. Then select the Edit icon.  In the left navigation pane, you’ll see Security and Connectors

image 193


Select Roles under the Security section.  These roles will give you access to areas that are not specific to a connector, things like widgets or schedules.  You can add roles to your user by selecting Add role, in the upper right.

image 194


You will find a description of each user roles listed below.  There are two General roles that give you access to a wide range of permissions:  Administrator and Contributor

The Administrator role gives you access to add and remove connectors.  It also gives you access to Account Settings.  Users with the Administrator role can add connectors and remove any connector.  You are also automatically given the Administrator role to connectors you install and access to all lists, actions, and details.  This gives the user rights to add/edit/delete everything in that connector. 

The Contributor role gives you access to add new connectors and remove any connectors you added.  The Contributor role will not allow you to remove connectors that another user installed.  You are also automatically given Administrator role to the connector you installed, and access to all lists, actions, and details.  This gives the user rights to add/edit/delete everything in that connector. 

You’ll notice that each area has an Administrator, Contributor, and Reader role.  The Administrator role will give you access to add, update, and delete.  The Contributor role will give you access to add and update.  The Reader role will give you access to view, without making any changes.

Keep in mind that the Administrator role does not give you access to everything within Popdock.  If you need access to schedules and widgets, you’d need to have the SchedulerAdministrator and WidgetAdministrator roles, respectively.  The Administrator role alone will not give you access to schedules, widgets, or security.  Each of those areas have their own administrative role.


If you have existing custom API Endpoints, you’ll want to check that your user has access. Select Security, under the main menu. Edit the user and then select Roles, in the Security section on the left. The user will need one of the API roles, depending on what access they should have.

image 203




In the Connector section, you can assign roles per connector.  You can assign a user roles to one connector and leave the user off another.  This would allow you to grant the user access to one connector and be restricted from the other.  After you have selected a connector, you can assign roles to your user.  Once you assign the user roles, you will need to assign companies and lists.  If the list has actions or details, you can assign those as well. 

image 195

A few things to keep in mind with lists:

  • Users will only be able to view data from companies they have access to.  If the user does not have access to a company, they will not be able to view data.
  • Users will need access to a list, regardless of their role, to see data.  For example, a user has the Administrator role, and no lists assigned.  The user will be able to see all lists in the connector and make edits to them.  However, they will not be able to preview the list or open a tab with the list and see data.  You would still need to assign a list to the user for them to be able to see data.
  • If a list uses a connector action, you will need to select it under List actions.
  • If the user needs access to connector actions, those actions will be listed under Actions.
  • Users will need access to the list in the details.  If you give the user access to a list and its details, the user must also have access to the list that make up those details.  If they do not, they will get a message that they don’t have access to the resource when they try to access the details.


Like the user roles, each area of the Connectors roles has an Administrator, Contributor, and User.  There are also four General connector roles:  Administrator, Contributor, Reader, and User.

The Administrator role will give you full access to everything in the connector.  You can edit lists, create custom lists, lookups, and details.  If you want to view data for a list, you must be given access to a list.  This will allow you to preview the list and add it to a new tab.

The Contributor role will give you access to add, edit, or delete company and list settings.  This role does not have access to Lookups, Custom Lists, Actions, or Query Builder.  Contributor users can update any list but can only see data for list they have been granted access to.

The Reader role will give you read-only access in the connector.  This is the minimum role a user would need to access a connector.  Reader users can view details of a list but will only be able to see data for lists they have been given access to.

The User role gives you access to view data in lists you have been given access to.  Users with the User role cannot make any edits.  They can only add lists to a new tab, for lists that they have been given access to. 

A few tips when working with the Connector roles:

  • The roles are per connector.  If you have multiple connectors and a user or team needs access to more than one, you must assign the roles at each connector. 
  • When a user has access to a list, they can add filters, add additional columns, and change the view.  If they need to be able to export the list, they will need to be given one of the Export roles.  Either ExcelExporter, PDFExporter, or TextExporter
  • If the user should be able to create favorites, they will need the FavoriteContributor role.  This role will give you access to the Favorites menu.  You will be able to edit, save changes, and save as a new favorite.  If the user owns the favorite, they can delete it.  User can see Favorites that have been shared with them and will be able to make changes to the favorite unless the owner has locked the favorite.
  • Favorites need to be shared for a user to select them.  If the favorite is not shared, only the user that created it/owns it can select the favorite when opening a list. 
  • At a minimum, the user will need the Reader role to edit a connector.  If they need to create or edit Actions, they will need the ActionAdministrator or ActionContributor list.  The same with Custom Lists and Lookups.
  • You could give the user the Contributor role at the connector and then then ActionReader role or CustomListReader role.  This would allow them to make edits to the lists but have read-only access to actions and custom lists. 


Mapping of roles from the previous version of Popdock to the new version of Popdock

Users that were designated as Administrator 1 or Administrator 2 in the previous version of Popdock will get the following roles in the new version:

Administrator, FavoriteAdministrator, SchedulerAdministrator, ApiAdministrator, SecurityAdministrator, WidgetAdministrator

Permissions in previous versionRoles in new version
Add new connectorsContributor
Add REST connectorsContributor
Delete connectorsAdministrator
Refresh connectorsContributor and connector Administrator
Assign security to teamsSecurityAdministrator
Assign security to usersSecurityAdministrator
Manage favoritesFavoriteAdministrator and FavoriteContributor
Manage rolesSecurityAdministrator
Manage teamsSecurityAdministrator
Add actionsActionAdministrator
Add calculated fieldsContributor and connector Contributor
Add new listContributor and connector Contributor
Create Query Builder listsconnector QueryBuilderAdministrator
Edit field optionsContributor and connector Contributor
Edit labelsContributor and connector Contributor
Export customizationsno mapping *
Import customizationsno mapping *
Manage companiesconnector Administrator
Manage detailsno mapping *
Manage groupsContributor and connector Contributor
Publish Query Builder listsconnector QueryBuilderAdministrator
Publish widgetsconnector QueryBuilderAdministrator
Upload files to data lakeconnector DataLakeFileUploader
Create custom API endpointsAPIAdministrator
Create widgetsWidgetAdministrator
Manage tokensSecurityAdministrator
Schedule jobsSchedulerContributor
View API documentationAPIReader
Export data to PDFconnector PDFExporter
Export data to Excelconnector ExcelExporter

* These permissions do not have a corresponding role in the new version.  If you have access to the connector, you will be able to import and export, and have access to details. 


Security Roles

These roles grant a user access to areas that are not specific to a connector.  Security roles can control access to Endpoints, Favorites, Schedules, and Widgets. 

API Administrator – Gives the user access to Endpoints.  Can add, edit, and delete endpoints.

API Contributor – Gives the user access to Endpoints.  Can add and edit endpoints.  Cannot delete endpoints.

API Reader – Gives the user read-only access to Endpoints.  Can view all the details for the endpoint but cannot make any changes.

Excel User – Gives the user access to run the Popdock Excel add-in.

Favorite Administrator – Gives the user access to Favorites in the list settings.  Can lock, unlock, share, change ownership and delete favorites.  At a minimum, the user will need the Reader role at the connector to access a list. 

In the list tab, the user will have access to Favorites that they created and that have been shared with them. 

Favorite Reader – Gives the user read-only access to Favorites in the list settings.  User will need the Reader role at the connector to access a list.  Users can only see Favorites that have been shared with them.

Administrator – Gives the user access to Account Settings, Import, and Export.  User can add connectors and delete any connector.  Automatically given Admin role to that connector and access to all lists, actions, and details.  This gives the user rights to add/edit/delete everything in that connector. 

The administrator user cannot edit other connectors that they have not installed.  You would need to grant them access to do so.  They can delete any connector. 

Contributor – Gives the user access to add new connectors and delete any connectors they added.  Automatically given Admin role to that connector and access to all lists, actions, and details.  This gives the user rights to add/edit/delete everything in that connector. 

Scheduler Administrator – Gives the user access to Scheduler.  User can run, add, edit, and delete schedules.  User will need access to lists to schedule them.  If the user does not have access to the connector or list, when they edit the schedule, they will not see the connector or list name. 

Scheduler Contributor – Gives the user access to Scheduler.  User can add new schedules and delete schedules they have created.  User will need access to lists to schedule them.  If the user does not have access to the connector or list, when they edit the schedule, they will not see the connector or list name.    

Scheduler Reader – Gives the user access to Scheduler.  User can see details for the schedules by selecting Select columns and then selecting the detail they want to view.

Security Administrator – Gives the user access to Security.  User can add users and teams and assign security roles and set the password policy.  They can also add, edit, and delete Firewalls and Virtual Networks. 

Security Reader – Gives the user read-only access to Security.  Can view all details for security but cannot make any changes. 

Widget Administrator – Gives the user access to Widgets.  User can add, edit, and delete widgets.  The user will need access to a connector and lists to create the widget.  If the user does not have access to the connector or list, when they edit the widget, they will not see the connector or list name. 

Widget Contributor – Gives the user access to Widgets.  User can add and edit widgets.  The user will need access to a connector and lists to create the widget.  If the user does not have access to the connector or list, when they edit the widget, they will not see the connector or list name. 

Widget Reader – Gives the user read-only access to Widgets.  If a user lacks access to connectors or lists within a widget, the system will hide these elements. 

Connector Roles

Connector roles grant a user access to areas within a connector.  These roles control access to API endpoints, connector actions, custom lists, and lookups. 

API Administrator – Gives the user full access to add or update anything in the connector through the API.

API Contributor – Gives the user access to make updates to a connector through the API.

API Query Data – Gives the user access to query data via the API.

API Reader – Gives the user read access through the API.

Action Administrator – Gives the user access to Actions in the connector.  User can add, edit, duplicate, and delete actions.  User will also need at least the Reader role to access the connector where the action is located. 

Action Contributor – Gives the user access to Actions in the connector.  User can add, edit, and duplicate actions.  User will also need at least the Reader role to access the connector where the action is located. 

Action Reader – Gives the user read-only access to Actions in the connector.  User will also need at least the Reader role to access the connector where the action is located. 

Custom List Administrator – Gives the user access to Custom Lists in the connector.  User can add, edit, duplicate, and delete custom lists.  User will also need at least the Reader role to access the connector where the custom list is located. 

Custom List Contributor – Gives the user access to Custom Lists in the connector.  User can add, edit, and duplicate custom lists.  User will also need at least the Reader role to access the connector where the custom list is located. 

Custom List Reader – Gives the user read-only access to Custom Lists in the connector.  User will also need at least the Reader role to access the connector where the custom list is located. 

Data Lake File Uploader – Gives the user access to upload files to a data lake.

Data Lake List Uploader – Gives the user access to upload lists and favorites to a data lake.

Excel Exporter – Gives the user access to export lists to Excel.  Users will need at least the User role and access to the list.

PDF Exporter – Gives the user access to export lists to PDF.  Users will need at least the User role and access to the list.

Text Exporter – Gives the user access to export a list to a csv file.  The list view must be set to Text, to export it in this format.  Users will need at least the User role and access to the list.

Favorite Contributor – Gives the user access to save a list as a new favorite.  Users will have access to the Favorites menu and be able to edit, save changes, and save as a new favorite.  If the user owns the favorite, they can delete it.  User can see Favorites that have been shared with them and will be able to make changes to it.

If the Favorite is locked, you cannot make changes to it.  You can save it as a new Favorite though. 

Administrator – Gives the user full access to add, edit, or delete anything in the connector.  This role is automatically given to a user with the Administrator security role when they install a connector. 

Contributor – Gives the user access to add, edit, or delete company and list settings.  This role does not have access to Lookups, Custom Lists, Actions, or Query Builder.  Contributor users can update any list but can only see data for list they have been granted access to.

Reader – Gives the user read-only access to details in the connector.  This is the minimum role a user would need to access a connector.  Reader users can view details of a list but will only be able to see data for lists they have been given access to.

User – Gives the user access to view data in lists they have been given access to.

Lookup Administrator – Gives the user access to Lookups.  User can add, edit, and delete Lookups.  User will also need at least the Reader role to access the connector where the lookup is located. 

Lookup Contributor – Gives the user access to Lookups.  User can add and edit Lookups.  User will also need at least the Reader role to access the connector where the lookup is located. 

Lookup Reader – Gives the user read-only access to Lookups.  User will also need at least the Reader role to access the connector where the lookup is located. 

Query Builder Administrator – Gives the user access to Query Builder.  User can add, edit, duplicate, and delete Query Builder lists.  User will also need at least the Reader role to access the connector where Query Builder is located. 

Query Builder Contributor – Gives the user access to Query Builder.  User can add, edit, and duplicate Query Builder lists.  User will also need at least the Reader role to access the connector where Query Builder is located. 

Query Builder Publisher – Gives the user access to publish Query Builder lists.  The user will have read-only access to Query Builder.  User will also need at least the Reader role to access the connector where Query Builder is located. 

Query Builder Reader – Gives the user read-only access to Query Builder.  User will also need at least the Reader role to access the connector where Query Builder is located. 

Widget Publisher – Gives the user the ability to publish a widget to an environment.

Feeling stuck? Get the support and guidance you need to help you power through any data challenge

Reset Filters