Application Level Security
Application level security is achieved through restricting user access and blocking sites that are not explicitly allowed.
User Access
User access to P6 EPPM Web Services is similar to user access to P6 EPPM client/server products. To use P6 EPPM Web Services, you must log in as a user that has the appropriate product access privileges to access P6 EPPM Web Services as well as any other P6 EPPM applications that you will be accessing.
Additional security privileges determine each user's access to data.
To ensure security at various levels of data, P6 EPPM provides two sets of security profiles:
- Global profiles define a user's access to application-wide information and settings, such as the enterprise project structure (EPS), resources, roles, and cost accounts. Each user must be assigned a global profile. In addition to any global profiles that you define, P6 EPPM provides two predefined global profiles: Admin Superuser and No Global Privileges. The Admin Superuser profile allows complete access to all global information and all projects.
- Project profiles define a user's access to project-specific information. In addition to any project profiles that you define, P6 EPPM provides a predefined project profile called Project Superuser. The Project Superuser profile allows complete access to elements within a project.
P6 EPPM does not require that each user be assigned a project profile; however, users cannot access projects unless they are assigned a project profile or the global profile, Admin Superuser.
Global and project security profiles both apply when using P6 EPPM Web Services. P6 EPPM Web Services throws a fault if a user attempts to perform an action that is restricted by a security profile.
Allow Lists
You can select the Enable allow list filtering for web services option on the Integration and Allow Lists page of P6 Application Settings to restrict access to P6 EPPM Web Services to only the client IP addresses specified in the Web Services Allow List.
Related Topics
Defining User Access to Resources
Last Published Thursday, May 2, 2024