5 minute read
June 1, 2023

RiskControl User Access


Marqeta uses role-based access control for Real-Time Decisioning. Access is controlled by a number of permissions, which are described below in User roles and permissions.

Each permission enables a user to access a particular function of the Real-Time Decisioning dashboard. Each permission relates to an area of Real-Time Decisioning, and if a user has no permissions related to a particular section, they cannot see or access that area of Real-Time Decisioning.

The permissions a user has depends on the role or roles assigned to that user’s Real-Time Decisioning user account. Users can have a single role, or multiple roles. If they have multiple roles, they have all the permissions associated with all of their roles.

Default user roles

The following roles available to your users:

  • Analyst – The Analyst role allows a user to see entity and event details, and to search and filter events. This role is typically assigned to someone with a job title such as fraud agent, financial crime analyst or AML investigator.

  • Supervisor – The Supervisor role allows a user to manage queues and workflows and approve changes to analytics made by an Analytics Specialist (see below).

  • Analytics Specialist – The Analytics Specialist role allows a user to view and edit analytics, including business rules and positive or negative lists.

  • User Administrator – The Administrator role grants a user all the permissions available to other user roles. In addition, this role allows a user to create other users, and manage the roles assigned to other users. There is also a Super User role, which grants all user permissions.

User roles and permissions

The lists of permissions below show which permissions are assigned, by default, to each user role. The Super User role has all the permissions that are enabled in your system except those marked with an asterisk (*).

In the lists below, permissions that require another permission (referred to as the parent permission) are indented below their parent permission, with a (c) to indicate the parent-child relationship.


Permission Description Users


Enables the entity search box (in the ARIC header), as well as access to Events in the Real-Time Decisioning dashboard.

Analyst, Analytics Specialist, Supervisor, User Administrator

Management information and reports

Permission Description Users

Management Information *

Enables viewing of Enhanced Reporting dashboards in the Reports area of Real-Time Decisioning, if the Enhanced Reporting optional feature is enabled.

Management Information User Management *

Enables a user to manage Tableau user permissions, if the Enhanced Reporting optional feature is enabled. This enables a user to create and manage Tableau user accounts and control which Enhanced Reporting dashboards are visible to which users.


Permission Description Users


Enables the creation and editing of risk score aggregators.

Analytics Specialist, User Administrator

Analytics Version Acceptor

Enables the user to approve or reject changes to analytics configuration which have been submitted for review, and to revert to a previous version.

Supervisor, User Administrator

Accept or Reject Own Analytics Changes

Enables the user to approve or reject changes to analytics configuration from all users that have been submitted for review, including themselves (enables a user to push analytics changes directly to live).

User Administrator

Analytics Version Creator

Enables the user to submit for review changes to analytics configuration.

Analytics Specialist, User Administrator

Analytical Workflow Override Settings *

Enables the user to override Workflow settings and parameter values if the Analytical Workflows feature is enabled.

Analytical Workflow Override Mappings *

Enables the user to manage which Analytical Workflows apply to which event types if the Analytical Workflows feature is enabled.


Ability to create and manage AMDL™ business rules.

Analytics Specialist, User Administrator

Rule Templates Manager

Ability to manage rule templates and rule actions.

Rule Templates

Ability to use rule templates.

Analytics Specialist, User Administrator


Permission Description Users

Data Lists

Enables the creation and management of data lists. This also allows the direct addition or deletion of values in data lists, and import of data into data lists in CSV format.

Analytics Specialist, User Administrator


Enables the creation of teams and assignment of users to teams.

User Administrator


Enables the creation and administration of users and assignment of roles to users.

User Administrator

View Unmasked Data

Enables users to view unmasked data (that would otherwise be masked), if the data masking feature is enabled.

Analytics Specialist, User Administrator


Permission Description Users

Audit Log

Enables viewing of the audit log of user interactions using the Real-Time Decisioning dashboard.


Permission Description Users

Detokenize *

Enables users to view the original plaintext values of tokenized data, if the optional tokenization integration feature is enabled.


Enables the inline documentation sidebar.

Promote Model Classifier

Ability to promote a model classifier.

Tokenized Search *

Enables the user to search tokenized fields using the original non-tokenized value, if the optional tokenization integration feature is enabled.

Subscribe to our developer newsletter