EmpowerID provides the ability to control who may see which objects and which object attributes at the lowest level in the Identity Warehouse database. Three types of policies are available to limit and control this access:
Visibility Restriction policies are policies that you can create to limit the ability of people to view (objects) in EmpowerID in the user interface and via the API. These policies are similar to RBAC delegations in that you can assign them to any EmpowerID Actor, such as a Management Role, Group, Query-Based Collection (SetGroup), and so forth.
Data Visibility Filters are SQL-based filters written against the EmpowerID Identity Warehouse, they offer great flexibility and power, allowing you to show and hide objects based on any data in the Identity Warehouse.
Column Visibility Filters are SQL-based filters written against the EmpowerID Identity Warehouse, they offer great flexibility and power, allowing you to show and hide data in the Identity Warehouse at the column and attribute level.