1. How do I get started with Enterprise Contracts?
  2. Contracts Business Units and User Access

Contracts Business Units and User Access

The Contracts security model provides different levels of access to administrative and nonadministrative users. Administrative users can edit contracts in all the business units (BUs) they're authorized in. See the How do I create and manage users? playbook for more information.

BUs and team member security can determine which contracts a user has access to. Contract security works this way:

  • Users must be a sales resource to create or edit a contract.
  • Only a sales resource or sales resource organization can be team members on a contract.

The BUs that a user can access is based on the resource organization the user is mapped to as a resource.

Here's how administrative and nonadministrative user access to contracts is determined in the UI:

  • Administrative users can create or edit contracts in all the BUs they're authorized in.
  • Nonadministrative users can create contracts in all the BUs they're authorized in. They also have access to contracts based on team membership, as follows:
    • They can view and edit contracts of other BUs provided they're team members in those contracts.
    • All the managers of the organization in the upward resource hierarchy of a team member can also access the contract. For example, if User A is the manager of User B, User A will can edit the contract of User B. User A can access this contract irrespective of whether they're listed as a contract team member.

    • All the users below the hierarchy are also authorized on the contract.

Tip: The real power of team security can be seen when you're talking about users who don't have access to particular BUs. For example, take User C, who doesn't have access to the BU that User D is using. Add User C as a team member of the contract. User C can access the contract, even though he doesn't have access to the BU.

This table illustrates the user access scenario:

Contract Privilege

Administrative User

Non-Administrative User

Create contracts

Can create contracts in all the BUs that the user is authorized in, based on their resource/resource organization mapping.

Can create contracts in all the BUs that the user is authorized in, based on their resource/resource organization mapping.

Edit contracts

Can edit all the contracts of the BUs that the user is authorized to.

Can edit all the contracts in which the user is a team member.

Note:

  • Even if a user is authorized in a BU, the user might not be authorized for all contracts in that BU.

  • Users can access contracts even if they're not authorized in its BU, provided they're on the contract team.
Caution: Be sure to give team member-type roles to nonadministrative users and not any roles that give contract administrator or contract manager-type privileges. Otherwise, users will be able to see contracts that are created in other BUs.