I want to use Attribute-based access control and permission feature to enable access control for platform users. In my AEP production sandbox I have data from two different Geos sources. I want to restrict data access from one Geo1 to users from another Geo2. I am planning to use Attribute-based access control for the same. Please suggest if there are alternate ways to archive this.
Attribute-based access control setup
Geo 1 - Have access to all attributes with custom label G1
Geo 2 - Have access to all attributes with custom label G2
My question is, for platform users from Geo1, will they see attributes and events with label G2 in customer profile/identity graph when they browse customer Profile and vise versa?
This should work fine.
Attributes labeled as G1 will only be accessible by users having permission to G1 while looking up a Profile or when creating segments.
For Identity Graph, the permissions are more boolean in nature and allow you to determine which users in your organization can access the identity graph through the user interface or APIs.