Analytics API access

For a user to be able to access the AVEVA Contract Risk Management OData Analytics API for reporting, including so they can use business unit dashboards, they must be assigned to a user role that has the Analytics API Access permission.

This permission allows them to access the Analytics API from a third-party application such as PowerBI. However, they can only access data from the business unit to which they are assigned, unless their user role also has the Analytics API Access Across Business Units permission.

See Company user role access for general information about enabling permissions for user roles.

Note If the Analytics API Access Across Business Units user role permission is enabled for any user roles in your system, a performance warning is displayed on the System Health Monitor page. See System health monitor.

Metrics

Enabling the Analytics API Access Across Business Units permission for any of the user roles in your AVEVA Contract Risk Management system has the secondary effect of permitting authorized AVEVA personnel to collaborate with you by collecting certain data metrics such as the report and parameters that were run, the length of time it took to run the report, and when the report was run.

AVEVA personnel will only use such data in order to improve the performance, scalability and reliability of AVEVA Contract Risk Management reporting capabilities. AVEVA does not believe that the metrics collected will contain any personal data; however, you are free to review AVEVA's privacy policy here: https://www.aveva.com/en/Privacy_Policy/.

If you do not wish to run the feature, you can turn it off by disabling the Analytics API Access Across Business Units permission for all user roles.

The metrics data is accessed using the AVEVA Contract Risk Management REST API and only users assigned to a user role that has the View API Metrics permission can access it.

Summary of permissions and access

The following table summarizes the possible permissions related to this functionality and the resulting access for users.

In this case:

• User 1 is an internal company user who will access the Analytics API either through AVEVA Contract Risk Management widgets on business-unit level dashboards or a third-party application such as PowerBI.

• User 2 is an AVEVA user who has been given a company user account.

  User 1				User 2
  User role for reporting		Analytics access		User role for API metrics	API metrics access
  Analytics API Access	Analytics API Access Across Business Units	Business Unit dashboards	3rd party application	View API Metrics	-
  Enabled	Disabled	Own business unit only	Own business unit only	Disabled	Cannot use the api-metrics endpoint.
  Enabled	Disabled	Own business unit only	Own business unit only	Enabled	Can access the api-metrics endpoint but no data is available.
  Enabled	Enabled	Own business unit only	All business units	Disabled	Cannot use the api-metrics endpoint.
  Enabled	Enabled	Own business unit only	All business units	Enabled	Can access data through the api-metrics endpoint.

Enable the Analytics API Access Across Business Units permission

1. Click the User Profiling tab on the Main Menu and select User Roles.

   The User Roles page is displayed.

2. Click the icon for the user role you want to enable the permission for.

   The Edit User Role page for the selected user role is displayed.

3. Select Analytics API Access Across Business Units.

   A confirmation message is displayed, warning that performance issues are probable if users with this permission run OData (Analytics API) queries on large volumes of data.

   If this is the first time this permission has been enabled for a user role in your system, the message includes a second paragraph with the warning that by enabling the permission, you are also permitting authorized AVEVA personnel to collaborate with you by collecting certain data metrics such as the report and parameters that were run, the length of time it took to run the report, and when the report was run.

   Full message text:

   Users at your company who have the 'Analytics API Access Across Business Units' permission ('AAAABU') can use the AVEVA Contract Risk Management OData Analytics API to report across all internal business units. However, organization-level reporting is only available to users accessing the AVEVA Contract Risk Management OData Analytics API from third-party applications; Contract Risk Management widgets are restricted to data from the user's business unit. Note that if one or more users are running OData queries on large volumes of data, performance issues are probable, such as delays for any users of widget dashboards. AVEVA will not release fixes to support issues raised as a result of using this feature, but will instead recommend you turn off the feature.

   By enabling the AAAABU permission for users, you also permit authorized AVEVA personnel to collaborate with you by collecting certain data metrics such as the report and parameters that were run, the length of time it took to run the report, and when the report was run. AVEVA personnel will only use such data in order to improve the performance, scalability and reliability of Contract Risk Management reporting capabilities. AVEVA does not believe that the metrics collected will contain any personal data; however, you are free to review AVEVA's privacy policy here: https://www.aveva.com/en/Privacy_Policy/. If you do not wish to run this feature, you can turn it off by disabling the AAAABU permission for all user roles. AVEVA reserves the right to remove or change this feature in the future.

4. Click OK to confirm that you are willing to accept the risks associated with enabling this permission.

   If Analytics API Access was not already enabled, it is automatically selected.

5. Make any other necessary changes to the user role and click Save.