This article is a continuation of How to Manage Attributes and covers the Advanced Permission Controls feature that allows you to control which user groups can view and edit specific attribute groups. To configure attribute group permissions, please contact Support or your MediaValet representative.
Overview
Attribute Grouping with Permissions allows DAM admins to control who can see and edit specific metadata fields by user group. It solves the problem of overexposed or irrelevant metadata as DAM usage scales across teams, regions, and external partners. Combined with Category Level Permissions under Advanced Permission Controls, this release enables enterprise-grade governance without sacrificing adoption or usability.
- Reduce metadata clutter and confusion for different teams
- Improve tagging accuracy by limiting edit access
- Enable secure DAM expansion across departments and external partners
- Maintain compliance and data quality standards
Note: Advanced Permission Controls combines Category Level Permissions (CLP) and Attribute Group Permissions under one unified permission control model.
Common Use Cases
Attribute Group Permissions are commonly used for:
- Multi-department organizations: Show each team only their relevant metadata fields
- External partner access: Restrict sensitive attributes from agencies or contractors
- Compliance and governance: Lock down critical fields to specific administrative groups
Prerequisites
Before you can manage attribute group permissions, you need:
- Advanced Permission Controls feature enabled for your library (contact your account manager)
- Administrator or Library Administrator permissions with Manage Attributes access
- At least one custom attribute group already created (see How to Manage Attributes)
- User groups configured for your organization
How Attribute Group Permissions Work
By default, all attribute groups are visible to all user groups. When you apply permissions to an attribute group, only users in the selected user groups can view and edit attributes within that group. These permissions apply across all areas of the DAM:
- Upload flow
- Asset details panel and full view
- Bulk edit attributes
- Search filters
- API and integrations
Important: Restricted attributes are not exposed via API or integrations to unauthorized users. Permissions are applied at the attribute group level, not individual attributes.
Managing Attribute Group Permissions
Watch our demo!
Step 1: Access Attribute Settings
- Navigate to Settings > Attributes in your MediaValet library
- Locate the custom attribute group you want to manage permissions for
- Click the three-dot menu on the attribute group
Step 2: Set or Edit Permissions
To configure permissions for an attribute group:
- Select Manage Permissions from the menu
- A permission management panel will open showing all available user groups
- Use the search bar to find specific user groups if needed
- Toggle permissions on or off for each user group:
- Enabled (toggle on): User group can view and edit attributes in this group
- Disabled (toggle off): User group cannot see or access attributes in this group
- You can enable/disable permissions for multiple user groups in bulk
- Click Save to apply the permission changes
Step 3: Review Permissions
To quickly review which user groups have access to an attribute group:
- Click the three-dot menu on the attribute group
- Select View Permissions
- A panel will display all user groups that can or cannot view/edit the selected attribute group
Tip: Use filters and views in the attribute management interface to easily identify which user groups have access to which attribute groups.
End User Experience
Once permissions are applied, end users will only see attribute groups and attributes they have access to. This includes:
During Upload
Users will only see attribute groups they have permission to access in the metadata section of the upload flow. They can search for attributes, filter by attribute groups, and see which group each attribute belongs to.
Asset Details Panel
When viewing or editing asset details, users will only see attribute groups (including attribute descriptions set by administrators) that they have permission to access. Restricted attribute groups will not appear at all.
Bulk Edit Attributes
When bulk editing attributes for multiple assets, users can only select and modify attributes within groups they have access to.
Search Filters
In the Custom Attributes filter and List View column management, users will only see attributes from groups they have permission to access.
List View
When managing columns in List View, users can only add attributes from attribute groups they have access to.
Best Practices
- Plan your attribute group structure before applying permissions. Group related attributes together logically based on team needs and workflows.
- Start with broader permissions and restrict as needed. It’s easier to remove access than to diagnose why users can’t see expected fields.
- Document your permission strategy. Use the attribute group description field to note which groups should have access and why.
- Regularly audit permissions. Review who has access to sensitive attribute groups quarterly or when team structures change.
- Communicate changes to users. Let teams know when attribute visibility changes to avoid confusion.
- Test permissions before full rollout. Create a test user account in each user group to verify the end user experience.
- Coordinate with Category Level Permissions. If you’re also using CLP, ensure your category and attribute permissions work together logically.
Limitations and Considerations
- Mobile support: Attribute group permission management is not currently supported on mobile devices. You must use the web interface to configure permissions.
- Group-level permissions only: Permissions are applied at the attribute group level, not to individual attributes within a group.
- System attributes: Default system attribute groups cannot have permissions applied. Only custom attribute groups support permissions.
- API and integrations: Restricted attributes are not exposed to unauthorized users through the API or integrations.
- Maximum limits: You can create up to 50 attribute groups per library, with up to 100 attributes per group.
Troubleshooting Tips
Users Can’t See Expected Attributes
- Verify the attribute group has permissions enabled for their user group
- Check that the attribute is assigned to the expected attribute group
- Confirm the user is a member of the correct user group
Attributes Not Appearing in Integrations
This is expected behavior. Restricted attributes are not exposed through the API to unauthorized users. Verify that the integration is authenticating with credentials that have access to the required attribute groups.
Permission Changes Not Taking Effect
- Ensure you clicked Save after modifying permissions
- Have users refresh their browser or log out and back in
- Permission changes should apply immediately but may require a page refresh
Related Resources
- How to Manage Attributes - Learn how to create and manage attribute groups
- Understanding User Groups - Learn how to create and manage user groups
- Category Level Permissions - Learn about controlling access to asset categories
Additional Information
Feature Availability: Attribute Group Permissions is part of the Advanced Permission Controls add-on, which combines Category Level Permissions and Attribute Group Permissions. Contact your account manager for pricing and to enable this feature for your library.
Support: If you have questions about configuring attribute group permissions or need assistance, please contact your Client Success Manager or MediaValet Support at support@mediavalet.com.