What are Security Groups?
Security groups are a new way in handling permissions and reports for our next generation products that make APIv3 calls such as Beyond. This process is distinct and different from security roles and are not interchangeable. With "security roles" users select individual roles that make up the permissions of the user. With "security groups" users are only ever assigned one group per group type (permissions, and reports).
*Note- Currently Beyond rely's on security groups within Enterprise to manage their users permissions and access. If you are trying to set up security in Beyond Please review this article.
Creating Security Groups
Security groups can be created by navigating to the 'administration' section in enterprise under all options:
Navigate from here to the 'security' form, this is where security groups can be created, edited and deleted.Each service rep can be allocated only one security group per security group types. Currently two groups exist:
- Permission Security Groups- a group that determines functionality a user can access.
- Reports Security Groups - A group that determines the reports a user has access to.
- Custom Data Security Groups- A group that determines the custom data fields a user can view/ and or edit.
Select from the drop-down to preview either Permission Security Groups or Report Security Groups, here you may view a list of all current permissions/reports within that group.
When creating a security group be sure to determine which group type you are creating, service reps can belong to one of each type. When you have decided which group to create select the '+' icon.
When creating a new security group, consider paralleling this with the real groups who work for your company. Creating a group can provide clarity in what the user can do and what they can see. Once the create new security group wizard opens, enter the following information:
- Security Group Type- The current type of group you are creating this is dependent upon which group you were in when the '+' icon was selected.
- Hierarchy- The hierarchy level/location this security role will be available at.
- Name- The Naming convention for your security group.
- Description- An explanation of this group that is a concise summary of the role.
- Permissions/Reports- Select the permissions/reports that would apply to this group.
*Note* When selecting reports for a reports security group you may choose to select some or all of the reports in a given grouping. If only some reports are chosen that group will have a '/' in the checkbox representing that group. If all the reports in a group are selected this will be denoted by an 'x'
If you don't have access to the permission 'admin' permission, some permissions may be grayed out:
*Note* If you are unsure of what a specific permission does, hover your cursor over the permission for a quick tool tip on the functionality.*Note* When selecting reports for a reports security group you may choose to select some or all of the reports in a given grouping. If only some reports are chosen that group will have a '/' in the checkbox representing that group. If all the reports in a group are selected this will be denoted by an 'x'
Editing Existing Groups
An existing group may be edited by selecting/deselecting checkbox's representing that groups permissions.
Adding Members/Service Reps to Security Groups
Members can be reviewed from the 'members' section on the security form.
There are two ways to add members/security reps to a security group.
1. From within the security form, simply select the group you wish to review the members of and select the '+' icon.
Here, a wizard will appear where a service rep can be selected.
*Note* If service rep already has a security group for the selected type, they will be deleted from that group and added to the new group.
2. This can also be achieved from the 'service rep' form. Here the service rep may be selected and their security group may be determined or changed per type listed.
A new type may even be created using the '+' icon.
Custom Data Security Groups
Once a custom data security group is created the group will display every custom data field that is in your system. Five fields will display on the custom data properties to define each field.
- Name- The name of the custom field.
- Origin Type- The record the field applies to.
- Hier- The hierarchy the field exists at/for.
- Deny Read- When checked the field will not be viewed a member of this group.
- Deny Write - When checked the field will not be editable by a member of this group.
*Note- If a field is not checked it will be visible to the user.
*Note- If a field is currently inactive in the administration section of Enterprise under of custom data. It will not be able to be viewed regardless of whether the fields relationship to its custom data security group.