Beyond - Managing Service Reps & Security Groups

Beyond & Security

Beyond now allows admins to manage service reps and their security settings directly from Beyond. It's important to note that information and users are the same for both systems but the user settings and security permissions are separate from Enterprise. 

*Note* You will need to have the security group permission "Can Administrate" in order to see the admin settings in Beyond. If you are an admin and can not see this information than reach out your TempWorks representative or contact support. 

This article reviews

  1. Security Groups
  2. Service Rep Administration

Security Groups

Security groups allow you to give specific sets of permissions to your users. 

To access security groups: 

  1. Navigate to the B for Beyond menu
  2. Select 'Settings'
  3. Select 'Security Groups'

Security groups are grouped by category. Each category will have it's own security settings. 

Security Group Categories: 

  1. Custom Data
  2. Customer Status
  3. Document Type
  4. Message Action Type
  5. Permission
  6. Report

Within each security group category, you will need to create groups of security access to give to your service reps.

For example, within the 'Permission' security group category, there may be different access options for each roll your service reps have. 

Groups might be set by user role, location, or level of access. Take time to look at all your Beyond Service Rep users to find the best ways to group them for each category. A service rep can only belong to one group in each category. 

To add a group: 

  1. Navigate to one of the security group categories
  2. Select the '+' in the upper right corner
  3. Name your group & set a description
  4. Set the Hierarchy level this group applies to (ex. system) 
  5. Select Properties
  6. Select the '+' next to members to add users
  7. Select 'Submit' to save

Custom Data

The Custom Data category includes a list of all custom data fields created from the administration section of Enterprise. By default, service reps will be able to view & edit all custom data fields. You can create Custom Data Security Groups to remove permissions to view (Deny Read) or edit (Deny Write). 

To learn more about custom data, see Beyond - Custom Data

Customer Status

This category sets which customer statuses that the service rep can change. A service rep will be able to change any checked status. 

If a user tries to change an unchecked status, they will be shown an error message stating they do not have the permission: 

Document Type

The Document Type category sets which documents a service rep can view (read), upload (write), or delete. 

Message Action Type

The Message Action category sets which message action codes a service rep is allowed to log. For each message action type, you can select whether the service rep can view (read) or post (write) a message with that action type. 

If a user is not part of a message action security group, they will not be able to log any messages by default. 

Message action codes are separated into 4 types:

  1. AR
  2. Message
  3. Sales
  4. Secure

For more information on setting up message action codes, see the Administration Manual


The Permission category includes a list of functionality related permissions including access to time entry, update employee EEO information, Mass Update Rates,  etc. This is an extremely important category to review. As new functionality is added to Beyond, you may need to update these groups to grant additional permissions. 


The Report category sets which reports a service rep can run. Reports are grouped by information. You can select an entire group of reports or use the arrows to the right to pick reports individually. 

Service Reps Admin

Service reps are your internal users of the system. As a Beyond admin, you will be able to manage your service reps' information and permissions. 

If you want to add a new service rep to the system, add them using Bridge. See Managing Users in Bridge (Hosted Clients Only) for more information. 

Editing Service Rep Information

To Find Service Rep Information, Navigate to the B for Beyond menu and select Settings > Service Representatives. 

Select the 3 dots icon to edit a users information. 

Personal information & Hierarchy Level Allowed

The first section of information on the Service Rep edit screen allows you to update the employee's name, email, & phone for the system. This is also where you can set their current hierarchy. Under Hierarchy Allowed, set how high in your hierarchy system they will be allowed to navigate to (ex. system, entity, or branch). 

Have more questions on Hierarchy? check out Beyond - Hierarchy for more information. 

*Note* The "Is Active" checkbox needs to be checked in order for your service rep to be able to log in. 

Security Groups

This is another place where you can manage an individuals security group permissions. Here you can select from a list of groups for each security group category. 

The service rep must have a group selected for each security group category in order to save or update the service rep information. 

If a user is not part of a message action security group, they will not be able to log any messages by default.


This area will list all teams that a service rep belongs to. Select the + to add the rep to a new team or the garbage can to remove a user from a team. 

For more information on teams, see Beyond - Creating & Managing Service Rep Teams

Related Articles