Defining User Groups

A user group is a group of users who have the same degree of security access. Think of a user group as a "role"; associated with a role are:

  • The users who play this role
  • The application services to which the role's users have access (along with the actions they can execute for each service and their field level security authorization levels).

Refer to Secured Objects and Application Services and Field Level Security for more information about access modes and security types.

CAUTION: Important! If an application service supports actions that modify the database other than Add, Change, and Delete; you must provide the user with Change access in addition to the other access rights. Consider a transaction that supports actions in addition to Add, Change, and Inquire (e.g., Freeze, Complete, Cancel). If you want to give a user access to any of these additional actions, you must also give the user access to the Inquire and Change actions.

This portal allows a security administrator to view and manage information about a user group.

You can access the portal from theAdmin Menu > Security > User Group. You are brought to a query portal with options for searching for a specific user group. Once a user group has been selected you are brought to the maintenance portal to view and maintain the selected record.

CAUTION: Application services may not be changed or removed from the ALL_​SERVICES user group. Refer to Base Delivered User / User Groups for an explanation.

The following zones may appear as part of the portal's Main tab page

  • User Group. This zone provides information about the selected user group.
  • Application Services. This zone lists application services linked to the selected user group. You may use this zone to edit the information for an specific application service or use mass actions to remove selected services or update their effective date.
  • Add Application Services. You may use this zone to add application services to the selected user group.

The following zones may appear as part of the portal's Users tab page

  • Users. This zone lists users linked to the selected user group. You may use mass actions to remove selected users or update their effective date.
  • Add Users. You may use this zone to add users to the selected user group.

The following zones may appear as part of the portal's Service Manager tab page

  • Application Service / Access Modes. This zone lists application service and access mode combinations currently linked to the selected user group. You may use mass action to remove a selected set of records.

  • Add Application Service / Access Modes. You may use this zone to add application service access mode records.

  • Security Type Authorization. This zone maintains field level security for application services included in the selected user group.

The following zone may appear as part of the portal's Secured Components tab page

  • Application Components. This zone allows you to review various types of application components secured by the selected user group. The query is similar to the Application Security Query restricted to the current user group.