Stack Overflow
Stack Overflow

Questions tagged [palantir-foundry-security]

Questions related to using Palantir Foundry security primitives are appropriate to use here.

The Foundry Security model encompasses both authentication and authorization for applications, components, and datasets within the Palantir Foundry platform.

Please see the Foundry Security documentation here: https://www.palantir.com/docs/foundry/security/overview/

13 questions
2
votes
0 answers

What log is emmitted in Palantir Foundry Audit Logs when a change is made in Control Panel?

I want to monitor when anyone makes a change to the Foundry configuration through Control Panel. What log types from Audit Logs should I be focusing on so I can be alerted in such an event?
Aron
  • 63
  • 3
2
votes
1 answer

Dataset in Foundry has a marking that appeared from nowhere

I have a dataset in Foundry that has a marking, but none of its input datasets have a marking. How did the marking appear on my dataset?
DHerls
  • 827
  • 9
  • 21
1
vote
2 answers

Is group name case sensitive in SAML payload (in Palantir Foundry context)?

During a SAML login via multipass, a list of groups is provided in the payload in Are these groups matched case-sensitively? i.e.: Will a group that was provided as "AbcDef"…
GuiguiDt
  • 263
  • 1
  • 11
1
vote
1 answer

Is there a shortcut for creating a custom role that is the same as an existing role, minus some operations?

https://www.palantir.com/docs/foundry/platform-security-concepts/projects-and-roles/#create-new-role-sets describes how to create custom role sets, and includes an example of a role set containing "Editor without ability to sync." In general, it…
Aaron Rubin
  • 46
  • 2
1
vote
1 answer

How to confirm that none of our projects have VIEW access (or higher) as the default role?

Is there an easy way to confirm that none of our projects have VIEW access (or higher) as the default role? We want to give a handful of external contractors very limited access to specific datasets, but I'm worried that we have historically set up…
ataheri
  • 47
  • 3
0
votes
1 answer

How to implement Column level security in Palantir foundry?

I am trying to find a way to implement column level security using restricted views and policies. I want to hide and show columns based on rules just like row level security. How we do that ? Implemented row level security but didn't saw anything…
Vaibhav Najan
  • 11
  • 1
0
votes
1 answer

Palantir Foundry send to the external API a dataset when updating and add the response to a new column

I am new to Palantir and I need to send a dataset when a new data is created to an external api and add the response as a new column, is it possible or is there any way to receive this data in an external service? I want to send data from a dataset…
Gino Cerda Hinostroza
  • 11
0
votes
1 answer

Implementing OAuth for ODBC

I am trying to connect and query our foundry ontology from different Microsoft tools in our own network. I was able to do so using a token as described in the documentation. That works great and it is easy to configure. The problem is that it is…
Luis Garcia
  • 1,311
  • 6
  • 19
  • 37
0
votes
1 answer

What is the behavior of the Granular Permission Service (GPS) null-check on a Multipass attribute?

One quick question regarding the Granular Permission Service (GPS) null-check change that is being rolled out. I’m assuming if a column does have null values and it’s used in a policy checking whether the column matches a MP attribute, for example,…
ataheri
  • 47
  • 3
0
votes
1 answer

Can I test pre-registered user access without logging in as that user in Foundry?

In Palantir Foundry's Multipass, I created a pre-registered user to test data access based on specific markings. Is there a way to login as this test user? There's no password settings or similar. I used the Edit policy > Test policy feature in a…
Adil B
  • 14,635
  • 11
  • 60
  • 78
0
votes
1 answer

How do I revoke user-generated API tokens in Foundry?

Is there a way to programmatically revoke all user-generated tokens for a service user? I saw some endpoints in the Multipass internal API, but from my understanding those are locked down for FE use. This is for killing off restricted tokens in the…
ataheri
  • 47
  • 3
0
votes
1 answer

Parsing a user's SAML attributes via Foundry's Multipass or Control Panel

I want to add more metadata to last names in Palantir Foundry's Multipass for our users (for instance, to display Anna Smith, USA (Contractor)). My SAML integration has attributes employee_type: CONTRACTOR and certificate_cn…
Adil B
  • 14,635
  • 11
  • 60
  • 78
0
votes
1 answer

If a user signs in through a different provider with the same UID, will the realm of that user be changed?

We had an issue where we needed to delete the old realm's provider and collector before the user correctly got assigned the new realm when signing in through the new provider.
ataheri
  • 47
  • 3