Defining Security Roles Using Security Administration

How do I define security for a Security Role?

To define security, select a feature, select a Security Role, and then configure the role's permissions.

What are the available permissions in Security Administration?

The available permissions are as follows:

  • Grant: Feature is fully available for use.
  • Deny: Feature is visible in the software, but settings cannot be edited or changed. Attempts to use most features results in a prompt for elevation, which requires credentials from a user who does have access.
  • Hide: Feature is completely hidden from user.

What else do I need to know when defining security?

Here are some tips to consider as you define security:

  • Select a security setting in the All column to apply that setting across the entire row.
  • Some features require a user to have access to other features as well, so be aware of this as you refine your security settings.

To define security for a Security Role

Many features are part of a hierarchy and include sub-features. In Security Administration, make sure you select a feature to reveal sub-features, if any. This allows you to drill down and further refine your security settings.

  1. Manage CO Only Security: Displays features and roles that you can configure specifically for Central Office. Any security role you configure here will have CO prefixed to the name.
  2. From the Step 1 drop-down, select the feature, and then select Add Feature. To add all features at once, select Add All. This step can be performed at any time as you define security.
  3. From the Step 2 drop-down, select a role, and then select Add Role. To add all roles at once, select Add All. This step can be performed at any time as you define security. Note CO-created Security Roles do not appear in this drop-down to locations. A location can never edit the security keys for a Central Office-created Security Role.
  4. Define feature security for each role as needed. If you define security for a feature that has sub-features:
    1. Selecting Grant on the parent feature does not affect the sub-feature permissions.
    2. Selecting Deny on the parent feature changes any Grant sub-features to Deny.
    3. Selecting Hide on the parent feature changes any Grant or Deny sub-features to Hide.
  5. When finished, select Save.