Provisioning Security Classes

Security classes determine the access that users have to Financial Management applications. You assign security classes to application elements such as accounts and entities. A user's or group's ability to access application elements depends on the security classes to which the user or group is granted access.

Access to journals, data forms, and data grids is controlled by the security class assigned to each artifact. Users and groups that are provisioned with the security class assigned to an artifact gain access to the artifact in the Financial Management application.

  To grant access to security classes:

  1. Access Shared Services Console as Shared Services Administrator or as the Application Administrator of the Financial Management application for which you want to define access control. See Accessing Shared Services.

  2. In the View Pane, perform these steps:

    1. Expand Application Groups.

    2. Expand the application group that contains your Financial Management application.

    3. Right-click the Financial Management application for which security roles access is to be set, and then select Assign Access Control.

      Use the Select Users and Groups tab to find the application users or groups that are provisioned with roles belonging to this Financial Management application. You can list all users and groups, or only those that match your search criteria.

  3. Select users or groups.

    1. Search for the users or groups to which you want to grant access to security classes.

    2. Select users or groups, and move them to Selected Users and Groups.

  4. Click Next.

  5. Optional: Add security classes for classic applications.

    1. In Class Name, enter a name for the new security class.

    2. Click Add. The new security class is listed in Available Classes.

  6. From Available Classes, select and move security classes to Selected Classes.

  7. Click Next.

  8. On Assign Access tab, set the access right each user or group has to each security class. By default, no access right is granted to the selected users and groups. Consult online help for assistance.

    1. Select security classes for which access rights are to be defined.

    2. From Access Rights, select the level of security class access that you want to assign to the user or group. Available access are explained in Table 20.

      Table 20. User Access Levels on Artifacts

      Access LevelPermitted Tasks
      NoneNo access to elements assigned to the security class.
      MetadataUser can view a specified member in a list but cannot view or modify data for the member.
      ReadUser can view data for elements assigned to the security class but cannot promote or reject.
      PromoteUser can view data for elements assigned to the security class and promote or reject.
      AllUser can modify data for elements assigned to the security class and promote and reject.

    3. Click Set.

    4. Optional: Click Add Alert to add an e-mail alert.

    5. Click Save.

  9. Click Next.

    Use the Security Reports tab to create security report that details the information that you selected while setting up application security. Consult online help for assistance.