Revoking Proxy Access

A proxy’s access to a transaction can be manually revoked either by a delegator (Share My Information – Details self-service page), or by an administrator (Review Shared Information – Details page) by simply deselecting a previously delegated transaction. At that moment, the transaction status is set to Ended (or marked in the record as Revoked) and evaluated to determine if the same transaction is also delegated by a different delegator. If that is the case, the logic does not remove the role associated to the revoked transaction from the proxy’s user profile—the proxy still needs to have access to the delegated components to access other delegators’ data. If no other delegators exist, then the proxy’s user profile is automatically updated. At the time of revoking the transaction, the Notifications framework is triggered to notify the proxy via email about the revoked transactions.

A proxy’s access to a transaction can also be programmatically revoked by the Proxy Access Validation (PAV) engine.

When a transaction is revoked, a revoke reason is given based on the condition it was revoked. The following table describes the various revoke reasons and how they are assigned.

Revoke Reason Values

Where this value is set

Who or what sets that value

Results

Manual Revoke

  • In the Share My Information – Details component, when the delegator manually deselects a transaction name

  • In the Review Shared Information – Details component, when the administrator manually deselects a transaction name

  • Delegator

  • Administrator

  • Transaction status is set to Ended (or marked in the record as Revoked) for the delegator/ proxy relation

  • Email notification is sent to the proxy

  • Proxy’s user profile is updated by removing the role tied to the revoked transaction if the proxy’s user profile is known and no other delegator delegated the proxy access to the same transaction

Proxy Delete

  • In the Share My Information – Summary component, when the delegator manually deletes a proxy

  • In the Review Shared Information – Summary component, when the administrator manually deletes a proxy

  • Delegator

  • Administrator

  • Transaction status for all delegated transaction is set to Ended (or marked in the record as Revoked) for the delegator/proxy relation

  • Email notification is sent to the proxy

  • Proxy’s user profile is updated by removing the role tied to the revoked transaction if the proxy’s user profile is known and no other delegator delegated the proxy access to the same transaction

Declined Terms and Conditions

In the Proxy Terms and Conditions component when the Proxy declines the terms and conditions

Proxy

  • Transaction status for all delegated transaction is set to Ended (or marked in the record as Revoked) for the delegator/proxy relation

  • Email notification is sent to the proxy

Security

When the revoke proxy access option selected for the transaction is “Delegator no longer has access to delegate the transaction.” The following validation occurs:

  • When the delegator accesses the Share My Information – Summary component.

  • When the administrator accesses the Review Shared Information – Summary component

  • When the proxy accesses a delegated component and activates the component search record

PAV real-time logic

  • Transaction status for all delegated transaction is set to Ended (or marked in the record as Revoked) for the delegator/proxy relation

  • Transaction record (SCC_DA_PRXY_TXN) is flagged to be picked up later by the PAV batch process

The Proxy Access Validation batch process runs.

PAV batch process

  • Transaction status is set to Ended (or marked in the record as Revoked) for the delegator/ proxy relation

  • Email notification is sent to the proxy

  • Proxy’s user profile is updated by removing the role tied to the revoked transaction if the proxy’s user profile is known and no other delegator delegated the proxy access to the same transaction

Inactive Transaction

When the revoke proxy access option selected for the transaction is “Transaction Inactivated.” The validation occurs:

  • When the delegator accesses the Share My Information – Summary component.

  • When the administrator accesses the Review Shared Information – Summary component

  • When the proxy accesses a delegated component and activates the component search record

PAV real-time logic

  • Transaction status for all delegated transaction is set to Ended (or marked in the record as Revoked) for the delegator/proxy relation

  • Transaction record (SCC_DA_PRXY_TXN) is flagged to be picked up later by the PAV batch process

The Proxy Access Validation batch process runs.

PAV batch process

  • Transaction status is set to Ended (or marked in the record as Revoked) for the delegator/ proxy relation

  • Email notification is sent to the proxy

  • Proxy’s user profile is updated by removing the role tied to the revoked transaction if the proxy’s user profile is known and no other delegator delegated the proxy access to the same transaction

Note: The revoke reason value can be seen only by an administrator in the Review Shared Information component. The delegator does not see the revoked transactions in the Share My Information component.