Application Level Security
P6 EPPM provides security at the application level. The user account you specify when sending requests to the API must be authorized to access P6 EPPM Web Services and the objects requested through the API endpoints. There are no separate security privileges for the API. The user accounts you use to access objects through the API will abide by the same privileges assigned to the account within the application.
User Access
User access to P6 EPPM Web Services is similar to user access to P6 EPPM client/server products. To use P6 EPPM Web Services, you must log in as a user that has the appropriate product access privileges to access P6 EPPM Web Services as well as any other P6 EPPM applications that you will be accessing.
Additional security privileges determine each user's access to data.
To ensure security at various levels of data, P6 EPPM provides two sets of security profiles:
- Global profiles define a user's access to application-wide information and settings, such as the enterprise project structure (EPS), resources, roles, and cost accounts. Each user must be assigned a global profile. In addition to any global profiles that you define, P6 EPPM provides two predefined global profiles: Admin Superuser and No Global Privileges. The Admin Superuser profile allows complete access to all global information and all projects.
- Project profiles define a user's access to project-specific information. In addition to any project profiles that you define, P6 EPPM provides a predefined project profile called Project Superuser. The Project Superuser profile allows complete access to elements within a project.
P6 EPPM does not require that each user be assigned a project profile; however, users cannot access projects unless they are assigned a project profile or the global profile, Admin Superuser.
Global and project security profiles both apply when using P6 EPPM Web Services. P6 EPPM Web Services throws a fault if a user attempts to perform an action that is restricted by a security profile.
For information on configuring user access refer to the Primavera Administration Identity Management Administration Guide for cloud deployments or the P6 EPPM Application Administration Guide for on-premises deployments.