1. Securing Sales and Fusion Service
  2. Extend Access to Additional Objects for a Custom Role

Extend Access to Additional Objects for a Custom Role

You can provide custom roles with visibility to object data they can't currently access by creating new data security policies on those roles for the relevant object.

For example, if you want to provide sales managers with access to subscription account data for a specific initiative, then you have to create access to the relevant subscription account object for a custom version of the Sales Manager job role, because the Sales Manager job role doesn't provide access to this data by default.

To create access to a new object for a custom role:

  1. On the Sales and Service Access Management page, click the Manage Data Policies tab.

  2. Click the Create button.

  3. On the Create Policies page, search for the custom role whose access you want to extend in the Role field.

  4. Select the object you want to provide access to in the Object field.

    For example, select the object for subscription accounts, Subscription Account. The only objects available for selection are objects where data security policies are not already defined for the custom role.

  5. Click Find Policies.

    All the data security policies defined for the selected object are displayed in the Access Policies table. There are no permissions selected in the Permissions columns because data access to the object hasn't previously been configured for the custom role you selected.

  6. Locate the condition that provides the data access you want to implement for the object.

    For example, if you want to provide the custom sales manager role with read access to all subscription account records, use these steps:

    1. Locate the condition that provides the required access. In this example, locate the condition: Access the subscription account for table ATC_SUBSCR_ACCOUNTS for all subscription accounts.

    2. Click the Read check box for this condition.

    3. Specify a Start Date of today and an appropriate End Date.

  7. Click Save and Close.

    On the Manage Data Policies page, the new policies you added are now listed in the Active Policies table for the role and object.

    Note: You can view data security for custom objects using the Sales and Service Access Management work area, but you can only edit security policies for custom objects using Application Composer.