Skip to content

Get Started With Your Okera Test Drive

This Okera test drive guide provides an easy step-through tutorial to teach you the key concepts of Okera to help you get started using your free test drive. To sign up for a test drive, fill out the request form at

Note: The Okera test drive may also be referred to as the Okera self-service trial.

What is Okera Data Access Platform?

Okera Data Access Platform (ODAP) is an enterprise universal data authorization tool that integrates with the main analytics tools in your organization. It allows you to register data from different data sources, easily organize and tag that data, and then grant access to the data using permissions while also specifying fine-grained conditions that enforce column-level security, row-level security, and data masking and transformation. It then dynamically enforces Okera permissions at runtime.

Learn more about ODAP in Product Overview.

What's Included in the Okera Test Drive?

Your Okera test drive begins with an email describing the self-service test drive and its cluster. The test drive includes:

  • Sample data and users you can use to test policy management and policy effects.
  • Embedded prebuilt dashboards and notebooks in Apache Superset, JupyterHub, and Snowflake that you can use to query data and see the effect of policies on the different users.

Test Drive Environment Scenario

In this self-serve test drive environment, your organization is expanding their sales department to include sales directors and sales analysts for each territory in which your company operates. Your test drive environment must support the following data restrictions to support the expansion:

  • Each sales director should only see data pertaining to the individual territories that they manage. So, all individuals assigned the sales_director_role should only see data for the territories that they manage.
  • Sales analysts should only see data that is geographically relevant to them, so we will ensure that individuals assigned the sales_analyst_role only see data pertaining to the countries in which they operate.
  • Sales analysts currently have access to all sales data, however, data that is classified as sensitive should be masked for the sales_analyst_role.
  • Individuals in your organization assigned the sales_analyst_role should not be able to see personally identifying information (PII) in the customer data. During this test drive, we will make sure that all PII data is identified and protected.

Test Drive Environment Users

Your test drive environment has the following users. Their passwords have been sent to you as part of your introductory kit. When you receive your test drive, <tenant> will be replaced with your company name. In images and videos in this test drive documentation, <tenant> is replaced with your_company.

Is a member of groups
Assigned to these Okera roles
admin_<tenant> admin
analyst_<tenant> analyst_<tenant>
sally_<tenant> sales_analyst_group
sam_<tenant> sales_analyst_group
mary_<tenant> marketing_analyst_group
danny_<tenant> danny_<tenant>

Note: In addition to these predefined users, two demo users (demo_user_<tenant> and demo_user2_<tenant>) are provided for you to customize. Use these user definitions to test and optimize the environment as needed.

Okera Permission Model Diagram

Okera uses both role-based access control (RBAC) and attribute-based access control (ABAC) in a complementary way to ensure access management is the most scalable for the enterprise.

Okera uses roles to make grouping permissions for users easier and more scalable. Roles can then be granted to users or groups that are integrated from your organization's identity management system. They can be customized to each organization's naming convention and can be managed programmatically as well as in the UI.

Start Exploring Okera

Use the following links to explore Okera using this test drive:

Explore the Catalog

Grant Permissions

Register New Data

Use Snowflake Policy Synchronization