Skip to main content

Restrict discovery

Manage asset visibility

By default, all assets are freely discoverable in the catalog. In some cases, it may be necessary to ensure only only authorized teams can find certain assets. To achieve this, you can assign a Discovery Policy, which allows you to control who can discover selected assets within the catalog.

Use sparingly: Broad discoverability is what makes a catalog valuable, and listing an asset in dScribe doesn't expose the underlying data. Restrict discovery only for assets that genuinely shouldn't appear in catalog-wide search.


Current discovery status of an asset

On any asset's detail page, the discovery tag in the header is the entry point. This is an example of an asset with no discovery policy applied - meaning it can be found by all catalog users:

You can also filter assets by applied discovery policy via the Search page.


Who can restrict discovery

Assigning a Discovery Policy to an asset requires the Restrict Discovery permission, which is granted through a Contribution Policy. Without that permission, the discovery tag on the asset's detail page is read-only.

There's also a self-assignment constraint: users can only apply Discovery Policies that have been assigned to them. If you can apply High Sensitivity to assets, it's because you're already in a team that has been granted access to High Sensitivity. You can't lock something away in a category you yourself don't have access to.


Restricting an individual asset

To change the applied discovery policy on an asset:

  1. Open the asset's detail page.

  2. Click the discovery tag in the header.

  3. Pick the appropriate Discovery Policy from the dropdown.

  4. A list of teams that will be able to access the asset appears below the policy.

  5. Click Save in the bottom bar to apply.

To remove an access policy from an asset, click the x icon next to it.


Restricting many assets at once

For a batch of assets, use Bulk actions or create an Automation.


Who can see restricted assets

Only users assigned to the matching Discovery Policy can discover and access a restricted asset. Everyone else — including users with edit or admin permissions in other areas — won't see the asset in search results, the relations graph, or anywhere else in the catalog. See Access Policies for more info.

Administrators can use the Impersonation feature in the admin portal to view dScribe through another user's eyes and confirm the restriction is working as intended.


Where to go next

Access Policies — create Discovery Policies and assign them to teams
Bulk actions — restrict discovery on multiple assets at once


Have a question or can't find what you're looking for? Use the chat icon inside the catalog to reach the dScribe support team.

Did this answer your question?