Understanding PeopleSoft Security
PeopleSoft security is based on permission lists and roles.
To administer security:
Create permission lists.
Create roles and attach permission lists to roles.
Create user IDs and attach permission lists and roles to user IDs.
Create Permission Lists
Create permission lists and assign to them access to menus, components, component interfaces, pages, global functionality, along with other information. Permission lists are assigned to roles; however, some permission lists are assigned directly to the user.
Important! Be sure to start with a thorough analysis of your security requirements. For example, if a user has access to a position management page that uses a component interface to update the job data tables, then the user needs permissions for the job data component interface as well as for the position management page.
Create permission lists using the Permission Lists component (ACCESS_CNTRL_LISTX) or Copy Permission Lists component (PERMISSION_SAVEAS) by navigating to
and selecting the appropriate permission list component.Note: Assign data permission to permission lists on the Security by Dept Tree page (SCRTY_TABL_DEPT) and the Security by Permission List page (SCRTY_CLASS) by navigating to and selecting the appropriate component.
See PeopleTools: Security Administration, "Setting Up Permission Lists".
Create Roles
Create roles and assign permission lists to the roles. The access you granted to the permission lists combines under the role. For example, you would assign the permission lists required by your workforce's managers to the role of Manager which, combined, give your managers security access to all elements of the system that managers need. Roles are assigned to the user.
Create roles using the Roles component (ROLEMAINT) or Copy Roles component (ROLE_SAVEAS) by navigating to
and selecting the appropriate roles component.See PeopleTools: Security Administration, "Setting Up Roles".
Create User IDs
Create user IDs and assign to user IDs roles and permission lists to give them access to the system as appropriate.
In addition to the permission lists assigned to roles, the following four specific permission lists are assigned directly to the user on the User Profile - General page (USER_GENERAL) by navigating to
Unlike the permission lists assigned to roles, users can have only one each of these four permission lists:Navigator Homepage
Navigation homepages are used by PeopleSoft Workflow.
Process Profile
Process profiles contain PeopleSoft Process Scheduler authorizations.
Primary
Primary permission lists grant global security.
Row Security
Row Security permission lists grant data-permission security based on a department security tree. Assign data permission to permission lists on the Security by Dept Tree page.
Note: On the Security by Permission List page you can assign data permission to permission lists that you attach to roles.
Roles and permission lists combine under the user ID to give users their security access. For example, the HR Training Manager would have the roles of manager, instructor, and employee to meet her access needs as a manager, instructor, and employee. Managers in different departments would have the same manager and employee roles, in addition to other roles that meet their needs.
Assign roles to users using the User Profiles - Roles page (USER_ROLES) by navigating to
:See PeopleTools: Security Administration, "Administering User Profiles"