1.1 About User Access Mapping
In order to allow users to access functions in the application, Administrators must classify users and the functions they are permitted to access.
The Functions imply controlling various actionable units in the application via
functional access. For example, create a case, add a customer, add an
account, and so on. Users are mapped to groups, which must be mapped to
specific security attributes, such as Business Domain and Jurisdiction.
Groups are mapped to Roles, and Roles are mapped to Functions. Users can
perform activities associated with their user group throughout the
functional areas of the application. Before mapping security attributes, you
must complete the following:
Security within the Application
Security layers control how you interact with the application. Users may
only access cases that are mapped to their user group. For more
information about mapping users to user groups, see Provision Users.
Table 1-1 Security Details within the Application
| Security Layer Type | Controls | Description |
|---|---|---|
| Roles | Access to Features and Functions | User roles identify which
features and functions the user can access within
the application.
For example, Case Analysts can access and take action on cases. |
| Business Domains | Access to Case and Business Information | You can restrict access along operational business lines and practices, such as Retail Banking. Users can only see cases that are assigned to at least one of the business domains their user group is mapped to. |
| Jurisdictions | Access to Case Information | You can restrict access using geographic locations and legal boundaries. Users can only see cases that belong to the jurisdiction their user group is mapped to. |