Welcome
Administration
Learn about how to configure, manage, and maintain HCL CDP environments. It includes details on system setup, user management, permissions, integrations, and troubleshooting, ensuring seamless operation and efficient deployment of your continuous delivery processes.
Onboard Tenant
Role Based Product Access (RBAC)
This page explains how to manage user access to products and data within the platform by assigning roles in a multi-tenant environment. Each role determines which products and dashboard metrics a user can see, ensuring secure and personalized experiences.

Getting Started
Welcome to the documentation for HCL CDP, where you can find information about how to install, maintain, and use this service.
Installation
Learn more about HCL CDP installation and deploying core components of the product.
Administration
Learn about how to configure, manage, and maintain HCL CDP environments. It includes details on system setup, user management, permissions, integrations, and troubleshooting, ensuring seamless operation and efficient deployment of your continuous delivery processes.
- Introduction
  This section provides an overview of how to create, on-board, and manage tenant accounts effectively. You will also learn how to enable channels and modules for each tenant, ensuring they have the necessary tools and functionalities to maximize their experience within the CDP.
- Onboard Tenant
  - Create Tenant Account
    After successfully installing the application, the next crucial step is setting up tenant accounts. A tenant account acts as a dedicated environment within the system, allowing organizations or user groups to operate independently and securely.
  - Onboard Tenant Account
    After creating a tenant account in the admin portal, backend onboarding is required to complete the setup process. This step ensures that the tenant is fully recognized by the system and properly integrated across all supporting services.
  - Create User Profile
    The User Access page in the admin portal provides administrators with essential tools to manage user accounts within a tenant. This functionality helps ensure proper access control and account lifecycle management.
  - Keycloak integration with CDP
    This page describes on how to integrate Keycloak as an identity provider for the application using User Federation.
  - Setup Unica Platform SSO in CDP
    This page explains how to enable Single Sign-On (SSO) between HCL Unica Platform and CDP using the CDP-OP (On-Premise) component, allowing seamless authenticated access to CDP from within the Unica UI.
  - Role Based Product Access (RBAC)
    This page explains how to manage user access to products and data within the platform by assigning roles in a multi-tenant environment. Each role determines which products and dashboard metrics a user can see, ensuring secure and personalized experiences.
- Enable Channel Modules
  After onboarding the tenant account, enable or disable modules required for the tenant based on the proposed contract.
- Enable APIs
  After onboarding the tenant account, enable or disable specific API(s) (External API, Journey API), based on the services agreed upon in the contract..
- SST Enhancement
  To support enhanced user profile enrichment across the platform, both Pixel Listener and DI API data sources must be configured to accept and map key identity and demographic attributes. This section ensures consistent and accurate user data updates within the profile system for each campaign.
Working with System
This section describes the Data Pipeline for streamlined data flow, leveraging Customer One View for unified profiles, and orchestrating campaigns to drive targeted engagement.
Insights and Actions
This section details unify real-time dashboards and AI-driven intelligence to transform data into impactful outcomes.
Integrations
HCL CDP comes with predefined APIs like get profile and data ingestion APIs.
Settings
This section allows configuring product label, setting frequency caps, and so on.
System Data Model

Role Based Product Access (RBAC)

This page explains how to manage user access to products and data within the platform by assigning roles in a multi-tenant environment. Each role determines which products and dashboard metrics a user can see, ensuring secure and personalized experiences.

The RBAC is designed to control visibility of features and data across tenants based on user roles. It ensures users see only the products assigned to their roles, access can vary by tenant (organization), and dashboards and campaign views reflect only the permitted data.

Execute the RBAC Table Scripts

To map user role access, follow the steps below:

Create the following tables for an environment using the create queries:

PBARoleProductMapping:

CREATE TABLE PBARoleProductMapping  (
 	TenantID INT NOT NULL,
 	RoleID INT NOT NULL ,
 	ProductName TEXT NOT NULL,
 	PRIMARY KEY (TenantID, RoleId)
 );

PBATenantUserRoles :

CREATE TABLE PBATenantUserRoles (
 	TenantID INT NOT NULL,
 	RoleID INT NOT NULL,
 	RoleName VARCHAR(255) NOT NULL,
 	PRIMARY KEY (TenantID, RoleID)
 );

PBARoleUserMapping:

CREATE TABLE PBARoleUserMapping (
 	TenantID INT NOT NULL,
 	RoleID INT NOT NULL,
 	UserID INT NOT NULL,
 	PRIMARY KEY (UserId, RoleID )
 );

Define the role in the PBATenantUserRoles table for the tenant.
```
insert into PBATenantUserRoles (RoleID, RoleName, TenantID) values (1,"Admin", <TenantID>);
```
Note: Replace the <TenantID> with the corresponding value.

Define product labels in the PBARoleProductMapping table for RoleID and TenantID.

insert into PBARoleProductMapping (RoleID, ProductName, TenantID) values (1,'["HOME LOAN","Credit Card","Credit Upgrade Offer","Credit card"]', <TenantID>);

Assign the role of tenant to a particular user in the PBARoleUserMapping table.

insert into PBARoleUserMapping (RoleID, UserID, TenantID) values (1,3724, <TenantID>);