As we shared in a previous post, we’re exploring more capabilities that can support our customers who have strict requirements for the protection of information. Controlled access to this information is a key part of the story. We’re currently exploring ways to provide more granular control for channels in Mattermost through custom attributes.
The basic premise is to enable custom properties for channels and users and then use these properties for access control. This could permit use cases like locking channel access to specific ‘need-to-know’ programs or information silos.
System admins can configure custom user attributes to be pulled in from external directory services (like LDAP or SAML), and then Channel Admins can add corresponding attributes to a channel to grant access. Only users with matching properties would have access.
Check out the demo video below:
Channel Settings
In the channel settings, once the new ‘Advanced access controls’ setting is enabled, channel admins can add properties that must match with a user’s properties in order for the channel to be accessed.
Adding members to an access-controlled channel
When adding members to the channel, only those with matching properties can be added. No other users will appear in the suggestion list.
Combined with channel banners
This feature in conjunction with channel banners and properties will enable clear, visual identification of channel intent, and restrictions.
Let us know what you think
This is a very high-level overview of the concept. Of course, there are a lot of nuances and details behind the scenes, but we’d love to hear your thoughts on the concept. Send us a reply here or connect with your customer success manager to share your feedback.