Introduction of Identity Access Control in AFCS

Identity Access Control (IAC) provides a flexible and scalable framework for managing user-level access to data within our reporting and analytics systems. IAC enables administrators to define, at both a global and dimension-specific level, which users are permitted to view specific data elements (such as products, legal entities, or custom dimensions), directly supporting fine-grained row-level security.

With IAC, mapping tables define user entitlements for each dimension, and enable or disable access centrally. When IAC is enabled for a dimension, users see only the data members they are authorized to view. If a user is not mapped to any members for a particular dimension—or IAC is disabled—open access is allowed and the user can see all members for that dimension.

• Data Security: Helps ensure that each user only sees the data relevant to their authorization, supporting compliance with data privacy and security regulations.
• Operational Efficiency: Reduces manual effort for IT and administrators by offering centralized, table-driven security management with clear on/off controls for each dimension and globally.
• User Experience: Automatically adapts the data users see based on their assigned permissions—no need for custom reports or manual filtering.

Steps to Enable and Configure

You don't need to do anything to enable this feature.