Qlik Cloud Analytics Basic Users are automatically promoted to Full User entitlements

Users previously assigned a Basic User entitlement have unexpectedly been promoted to Full User entitlement. 

This is working as expected and will happen when a Basic User is granted any additional permissions. Source: Types of user entitlements.

An exception is the Collaboration Platform role, see Qlik Cloud Analytics: Assigning the Collaboration Platform User role to a Basic User does not promot....

How to determine what elevates a user

To determine what promotes a user to a Full User: 

1. Log in and go to the Cloud Administration center
2. Go to User Management
3. Hover (a) over the user's Information icon
   
   
   
   

It is also possible to use the Access Evaluator App to have a more holistic overview over assignments.

What to remove

To avoid users being promoted to Full Users, remove any assignment, both in single spaces and at a global level.

Spaces

Verify the users are not assigned any roles other than than Has restricted view. 

Be careful when using the Anyone group, since assigning any other role to this group will promote all users to Full.

This includes the default data space: Default_Data_Space created on tenant setup. Remove the Anyone member:

1. Go to Spaces
2. Click the ellipses menu (...) and choose Manage members
3. Remove Anyone by through the ellipses menu (...) and clicking Remove
   
   
   

Global

Turn off Auto assign for all Security roles in the Administration Center.

1. Open the Administration Center
2. Open Users
3. Switch to the Permissions tab
4. Switch Auto assign to Off on all Security roles:
   
   

Specific users

If a user was manually assigned a role, the role has to be removed again manually.

1. Open the Administration Center
2. Open Users
3. Switch All Users tab if not already selected
4. Locate the user and click the ... menu (a), then choose Edit roles (b) and remove all previously assigned roles
   
   

Environment

• Qlik Cloud Analytics