Manage Clean Room Permissions and Controls
LiveRamp Clean Room gives you several layers of control over who can do what with which data, for how long, and for which purpose.
In LiveRamp Clean Room, permissions and controls fall into three broad categories:
Access and roles: Who can sign in, see a clean room, and use features like questions, Intelligence, and flows.
Content‑level permissions: What people can do with specific questions, datasets, flows, and dashboards (for example, view-only vs. edit, run vs. schedule).
Governance and privacy controls: How data is minimized, time‑bound, and protected, including crowd size thresholds, dataset rules, and privacy‑enhancing technologies.
You’ll usually use a combination of:
Organization‑level roles (set once, reused everywhere).
Per‑clean‑room roles and permissions (what each team can do in a specific collaboration).
Per‑question and per‑dataset controls (what partners can see and run).
Clean‑room‑wide privacy controls (crowd size, noise, time bounds, etc.).
By using these layers together, you can design collaborations that are both safe and flexible, with a clear, non‑technical path to managing every level of access.
For more information on controlling these permissions, see the sections below. For information on how to select and combine privacy and governance controls for your specific collaborations, see “Understanding LiveRamp Clean Room Privacy and Governance Controls”.
Note
To see a table that lists where and how to perform each of these controls, see the “Where to Manage Each Type of Control” section below.
Organization Access and Role Management
At the organization level, the account admin creates and manages roles that bundle together permissions such as:
Clean room administrator
Intelligence administrator
Question Builder administrator
Data import jobs read only
User management
Organizational roles control what users can do in LiveRamp Clean Room and are typically assigned based on the user’s role within the organization (for example, data scientist, analyst, IT, etc.). They do not control what users can do in clean rooms that they do not own. Clean room access and permissions are managed separately (for more information, see "Manage Permissions Within a Clean Room”).
Admins also add users to the organization and assign them to roles so they have the right baseline capabilities before they ever join a specific clean room. Clean Room provides a set of optional default roles that can be used as a starting point when assigning roles.
For more information, see “Managing LiveRamp Clean Room Users”.
Clean Room–Level Access and Roles
Each clean room has its own access settings that build on the org‑level roles.
For Clean Room Owners
As the owner of a clean room, you control the following areas from within the individual clean room:
How partners interact with all questions within the clean room (for example, whether partners can view queries, edit questions, schedule runs, etc.).
To configure these clean room-level question permission settings, follow the instructions in “Question Permissions and Overrides”).
Which permissions are available to each partner organization to assign (for example, whether partners can use Question Builder, Intelligence, Flows, etc.).
To configure these permissions, follow the instructions in “Permission Available to Clean Room Partners”.
Which roles exist for each partner organization in the clean room and which permissions are attached to each role.
To configure clean room roles, follow the instructions in “Manage Clean Room Roles”.
Which users from your organization are added to the clean room and which role each user gets.
To manage users in a clean room, follow the instructions in “Add Users to a Clean Room”.
For more information, see “Permission Available to Clean Room Owners".
For Clean Room Partners
The partner user who is invited to a clean room becomes the partner admin and can:
Create and manage roles for their own users inside that clean room, but only using the permissions the owner made available (follow the instructions in “Create and Edit Clean Room Roles”).
Add and remove users from their own organization in the clean room and assign roles to them (follow the instructions in "Add Users to a Clean Room”).
For more information, see "Permission Available to Clean Room Partners”.
Cloud‑Side Controls (BigQuery and Other Clouds)
For cloud‑native clean rooms (like BigQuery), your cloud platform’s permissions also limit what LiveRamp can see and do.
In your cloud environment (for example, Google Cloud BigQuery), you decide:
Which service accounts exist for LiveRamp.
Which datasets and tables those service accounts can read.
Whether LiveRamp can create authorized views and shared datasets for Analytics Hub (BigQuery).
This determines which source data can be exposed to LiveRamp at all.
In Google Cloud Platform, you create service accounts and roles.
Grant minimum permissions (for example, bigquery.datasets.get, bigquery.datasets.create, bigquery.tables.getData) only where needed.
For more information, see “Connect to Data in BigQuery”.
Dataset‑Level Controls
When you connect your datasets and provision them to clean rooms, you decide which data is even available in each collaboration.
Data Connection Controls
At the data connection level (org‑wide), you choose which datasets from your cloud or storage are brought into LiveRamp Clean Room by only creating data connections for the datasets you want Clean Room to access.
During the data connection process, you can also control which fields from those datasets are able to be accessed.
For more information, see the instructions for each specific cloud provider in the “Connect to Cloud-Based Data” section of the documentation site.
Dataset Provisioning Controls
For each clean room, you decide:
Which datasets are provisioned into that clean room.
For each provisioned dataset:
Which columns are queryable.
Which rows are included (row‑level filters).
Whether partners can assign the dataset to questions on your behalf.
This is your main data minimization control: you only expose what is needed for the collaboration.
For more information, see “Provision a Dataset to a Clean Room”.
Dataset Analysis Rule Controls
Dataset analysis rules let you define how each dataset can be used in a given clean room, such as:
Which columns:
Can be used in joins
Can be projected (returned in results)
Require a minimum audience size (input k‑min).
Which aggregation functions (COUNT, SUM, AVG, etc.) are allowed on each field.
There is also a global default rule that blocks projection of fields labeled as PII in data connections for analytics questions.
For more information, see “Set Dataset Analysis Rules”.
Controls When Assigning a Dataset to Questions
After provisioning a dataset to a clean room, you then decide how each question uses it::
Which dataset backs each question dataset macro (for example, “exposures dataset” or “conversions dataset”)
Which fields in that dataset map to each field macro (for example, date, user ID, campaign, etc.)
This ensures questions pull the right columns and supports privacy constraints.
For more information, see “Assign Datasets to Questions”.
Clean Room‑Level Privacy and Governance Controls
These controls apply at the clean room level and affect all data and questions in that collaboration.
Time Bound Controls
When the clean room owner creates the clean room, they set a start date and can have an optional end date. After the end date, the clean room becomes read‑only:
No new question runs.
No new datasets configured.
No new partners added.
You can always reactivate the clean room by extending the end date.
For more information, see “Create a Clean Room”.
Crowd Size Controls
Crowd size (k‑min) is a minimum audience size that a result must meet to be shown (for example, at least 100 users in a row of a report). If a result is below this threshold, it is suppressed to reduce re‑identification risk.
When creating a clean room, the owner sets the Crowd Size / k‑min threshold in the clean room’s privacy parameters.
For more information, see “Create a Clean Room”.
Differential Privacy, Noise, and PETs
Depending on your configuration and contract, you can use additional privacy‑enhancing technologies (PETs):
Pseudonymization to RampIDs: PII is removed and data is resolved to RampIDs; PII does not enter the clean room. For more information, see “Create a Clean Room”.
Differential privacy / noise: Adds controlled noise to results to further protect individuals.
Input k‑min (Aggregation Threshold Rules): Requires a minimum number of identifiers contributing to each intermediate aggregation.
Confidential Computing (TEE) clean rooms: If you create a Confidential Computing clean, it runs queries inside a secure hardware enclave for stricter zero‑trust environments (for more information, see “Clean Room Types”.
Question‑Level Permissions and Query Transparency
Question‑level permissions decide what partners can do with each question: see code, edit, run, schedule, or just view outputs.
Set Default Question Permissions
For each clean room, owners and partners can each set defaults for all future questions their organization authors in that clean room to control the actions that partners can take, including the following:
View Query/Code: Allows partners to view the code for the question prior to opting datasets into the question.
Edit and Delete Question: Allows partners to edit the content of questions or delete them from the clean room if they are no longer required.
Clone Question: Allows partners to create a clone of the question and assume ownership of the clone. This means partners in the clean room can edit the cloned version of the question.
Set up and Schedule Runs: Allows partners to trigger runs of the question and schedule them on a recurring basis.
View Reports and Output: Allow partners to view the results of a given question run for the specified question. You can choose to apply this permission to specific partners or to any partner.
You can also decide which partners each permission should apply to by default (any partner vs. specific organizations).
To edit the default question permissions, go to the clean room and then select Details → Parameters and Permissions (follow the instructions in “Change Question Permission Defaults”).
Set Permission Overrides for a Specific Question
For individual questions, question authors or admins can set the following overrides:
Make a specific question more open (for example, allow a trusted partner to see code and clone the question).
Make a specific question more restrictive (for example, allow run‑only and view‑output‑only, with no code access).
To set overrides for a specific question, go to the clean room and then select Questions. In the question’s More Options menu (the three dots), select Permissions Override and then turn specific permissions on/off for the partners you choose (follow the instructions in “Assign Permission Overrides to a Specific Question”).
Permissions for Intelligence Dashboards and Reports
Intelligence is the visualization tool for building dashboards and reports based on question outputs. When creating a clean room, clean room owners must select Enable Intelligence to gain access to this feature.
There are two key permissions:
Intelligence Viewer: Allows users to view dashboards and reports. When Intelligence is enabled in a clean room, the partner admin’s default role includes Intelligence Viewer, and they can assign Intelligence Viewer or Intelligence Creator to additional partner roles via Manage Roles.
Intelligence Creator/Writer: Allows users to build and edit dashboards and reports.
To edit Intelligence permissions for partners, see “Managing Available Permissions for Partners”.
Permissions for Flows
Flows let you chain multiple questions into a multi‑step workflow (“flow”) and schedule it.
Flow‑related permissions are assigned at the clean room level, which include:
Flow Builder: Create and edit flows (the workflow itself).
Create, Schedule, and Delete Flow Runs: Manage flow runs.
View‑only Flows: Read‑only access to flows and runs.
To fully access the Flows feature, users typically require additional clean room roles. For more information, see “Flow Management”.
Where to Manage Each Type of Control
Use the table below to determine where to go to implement a specific control:
Area | Task | UI Location | Instructions |
|---|---|---|---|
Org roles and users | Define baseline roles and add users to LiveRamp Clean Room. | Administration → Clean Room Configuration → Clean Room Roles | |
Clean room roles and partner access | Decide what owners/partners can do in a specific clean room and assign roles. | From within the clean room:
| |
Question permissions | Let partners run, schedule, edit, or view code/outputs for specific questions. | From within the clean room:
| |
Datasets in a clean room | Limit fields/rows partners can query; add or remove datasets from a clean room. | From within the clean room: Datasets → Provision | |
Dataset analysis rules | Enforce safe joins, projections, aggregates, and input k‑min. | Datasets → Analysis Rules (gear icon) | |
Question–dataset mapping | Control which datasets and fields power each question. | From within the clean room: Questions → Assign Datasets | |
Intelligence access | Decide who can build vs. only view dashboards. | From within the clean room: Access → Partners & Users → Manage Roles | |
Flows access | Decide who can build, run, or just view flows. | From within the clean room: Access → Partners & Users → Manage Roles | |
Clean room time bounds and crowd size | Set collaboration start/end dates and minimum audience size (k‑min). | Clean Room → Clean Rooms and click | |
Cloud‑side access | Control which data LiveRamp can see in your cloud. | Cloud console (for example, GCP IAM, BigQuery). | Configure a BigQuery Data Connection for a BigQuery Clean Room |