The ability to create and manage scheduled reports is controlled by the Change Scheduled Reports permission, part of the Repository & View Permissions. Access control is therefore available per user and repository combination.

You can control which email domains can be used in scheduled reports by specifying the email allowlist in the Organization Security Policies.

Additionally, the generated PDF files can secured so that the file requires a password before the created PDF report can be opened. To configure a passwod for the PDF, the password can be set it during the configuration of each report.

To enable permissions, you must either add the permission to an existing role, or create a role with suitable permissions and assign that to each repository and user combination that needs to create and manage Scheduled PDF reports.