Establishing Self-Service Security for Suppliers

You establish overall security for PeopleSoft eSupplier Connection just as you do for any other PeopleSoft application: by associating a permission list (which controls access to the system's web page components) with a role and associating the role with a user profile (user ID). Each user has one user profile but can be assigned multiple roles.

See also the product documentation for PeopleTools: Workflow Technology and PeopleTools: Security Administration.

Note: Your PeopleSoft users are internal, while your suppliers' users are external.

Self-Service Security Sample Data

PeopleSoft delivers sample permission lists, roles, and a user profile (SUPPLIER) as examples of how to set up supplier data and control self-service transactions. This example of the Roles search page (PeopleTools > Security > Permissions & Roles > Roles) shows the sample roles that PeopleSoft provides for supplier-facing transactions.

This example illustrates the sample roles that PeopleSoft provides for supplier-facing transactions on the Roles search page.

Roles search page (example)

Note: All external supplier users must be assigned the Supplier - External User role (or one with similar permissions) to access the PeopleSoft system; it features PeopleTools-related permissions that control personalization and navigation access. In addition, if your installation includes the PeopleSoft Applications Portal, all external supplier users must also be assigned the PAPP_USER role (or one with similar permissions). The role contains the permissions that are necessary for homepage personalization and configurations.

To view the sample permission lists that are associated with the provided supplier roles:

  1. Access the Roles component in PeopleTools Security.

  2. Select a sample supplier role from the list on the Roles search page.

    The Permission Lists page in the Roles component displays the associated sample permission lists.

  3. Click View Definition to access the Permission List component, where you can view the pages that are enabled by the selected permission list.

Internal Supplier Administrators

To set up security for external PeopleSoft eSupplier Connection users, at least one internal user, the supplier application administrator, must be assigned the PeopleSoft Supplier-Application Admin role. With this role, the administrator can create and update user IDs (except his or her own) to grant external supplier access to PeopleSoft eSupplier Connection. Suppliers must first be assigned at least one supplier ID as part of user ID creation.

To set up external users, use the internal Supplier User pages (Suppliers, Supplier Setup/Maintenance, and Supplier User).

External Supplier Administrators

To enable external users to administer security, the internal supplier application administrator must assign the Supplier-Application Admin role to at least one external user who belongs to each supplier ID.

External supplier administrators can:

  • Create and update users within the supplier ID to which they have access.

  • Grant self-service transaction access to the supplier IDs to which they have administrative access.

You can assign a variety of roles to the suppliers' users. To enable an administrative user to create new users and grant new user roles, that user must have role grant capabilities, which you define on the Role Grant page within PeopleTools (PeopleTools > Security > User Profiles > Roles > Role Grant).

This example illustrates how the page appears.

This example illustrates the fields and controls on the Role Grant page.

 Role Grant page (example)

User Maintenance Example

This diagram illustrates internal and external-based user maintenance flow where an internal system administrator controls the overall setup of supplier information, and external administrators setup external user within the supplier's organization.

 Internal and external user maintenance example