Application level security is achieved through restricting user access and blocking sites and services which are not explicitly allowed.
User Access
User access to P6 EPPM Web Services is similar to user access to P6 EPPM client/server products. To use P6 EPPM Web Services, you must log in as a user that has the appropriate product access privileges to access P6 EPPM Web Services as well as any other P6 EPPM applications that you will be accessing.
Additional security privileges determine each user’s access to data.
To ensure security at various levels of data, P6 EPPM provides two sets of security profiles:
- Global profiles define a user’s access to application-wide information and settings, such as the enterprise project structure (EPS), resources, roles, and cost accounts. Each user must be assigned a global profile. In addition to any global profiles that you define, P6 EPPM provides two predefined global profiles: Admin Superuser and No Global Privileges. The Admin Superuser profile allows complete access to all global information and all projects.
- Project profiles define a user’s access to project-specific information. In addition to any project profiles that you define, P6 EPPM provides a predefined project profile called Project Superuser. The Project Superuser profile allows complete access to elements within a project.
P6 EPPM does not require that each user be assigned a project profile; however, users cannot access projects unless they are assigned a project profile or the global profile, Admin Superuser.
Global and project security profiles both apply when using P6 EPPM Web Services. P6 EPPM Web Services throws a fault if a user attempts to perform an action that is restricted by a security profile.
Allow Lists
Before any web services can interact with P6, they must be added to the Web Service Allow List in on the Integration and Allow Lists page of P6 Application Settings.
Add the address of the required web services to the Web Services Allow List using CIDR (Classless Inter-Domain Routing) notation.