This is all controlled by editing/creating security roles in the QMC. For Example, if you want to grant a Group (from AD) access to create applications, you would probably want to disable the rule CreateApp. You would then want to create a new rule, such as CreateAppCustom. When Creating this rule, lets say you wanted to grant users belonging to the IS AD group the ability to create applications, you would add the following condition to the new CreateAppCustom rule:
When this rule is enabled, only users belonging to the AD group of IS will have the ability to create an application.
You will want to do similar changes around FolderDataConnections and Streams.
This is just a sample to get you pointed in the right direction. If users are not assigned any of the default roles, they will not have the ability to do much in QMC. That's what the default roles are mainly used for (Root Admin, ContentAdmin, etc.).
It's really all up to you as to how you want your security to work.
So, for your HR stream, the rule would be something like this:
Hope this helps point you in the right direction.
Hi Sean, I assume you mean for Qlik Sense?
If so, to get started - you might want to watch this Webinar: (video)
I found this extremely helpful when learning about Qlik Sense security rules.
Let us know how you do.
jog - great job, excellent webinar.
Please mark the appropriate replies as CORRECT / HELPFUL so our team and other members know that your question(s) has been answered to your satisfaction.
I never watched the video posted long time ago, it seems to be missing in action, now, I believe this video provides the same information or closer to the one given by the run away video:
Hope this helps,