Parent Topic

Authorization Role

Previous Topic

Next Topic

Book Contents

Book Index

Steps for Adding a New Authorization Role

Creating a New Authorization Role:

  1. From the Configurations section>System card select the Authorization Role screen.
  2. Click on the Add button to add a new role.
  3. Enter a short, alphanumeric Code to identify this role, and a Description to describe it.
  4. In the Self Assignment field, indicate whether employees with this role have access to their own record, even if they don't have access to other employees in the organization unit.
  5. Indicate whether this role is Active (Yes/No).
  6. In the Is Deny Access Overrideable field, indicate whether the inherited Data Access can override direct denied access.
  7. In the

    Is Available Externally

    field, select whether the role can be used when a web server is defined as an external web server.
  8. Save the record.
  9. The Authorization Control button is now enabled. Select this button. In the left pane, the Authorization Policy Hierarchy shows the different section and screen options, displayed in a tree view.
  10. Highlight the Root level in the left pane.
  11. The right pane displays all the options below the root level, including all the sections that are displayed on the tool bar.
  12. For each option that should be assigned to this role, click on the Add button to the left of the record. This button is now changed to Remove. Note: Assigning access to the sections allows the users to view and select the section icons in the tool bar. This access is required in order to access the cards and screens under the section.
  13. If the role is to include any action policies, highlight the Actions Section level in the Authorization Policy Hierarchy. A listing of all the cards options in the Action section is displayed.
  14. Click on the Add button of each card that this role should have access to. The button is now changed to Remove. Note: Adding access to the cards allows the employees to view and select the cards in the section screens.
  15. In the Authorization Policy Hierarchy, highlight a card that the user should have access to. All of the screens within the card are displayed.
  16. For each screen the user should be able to access, click on the Add button. The button now changes to Remove.
  17. Some of the screens do not need any additional configuration. For example, the Change Password and Change PIN authorizations give the user execution rights to these functions.
  18. Other screens need additional configuration of access levels. Click the card arrow on the record to open and view the details.
  19. On the General tab, for each level of access, select Yes or No to indicate if users should have that level of access for the general record.
  20. If there is a Field tab, click on that to configure individual fields.
  21. The check boxes indicate the level of access granted for each of the listed fields. The settings default to the levels set up on the General screen, but any of the fields can be updated here by checking or un-checking the boxes.
  22. The Exclusion Time tab is available on some policies. This opens a screen to configure days and times that the policy is not available to users with this role. For example, employees can be excluded from checking benefit balances during shift change times. For more information on setting up this tab see Configuration section>System card>Roles>Exclusion Time tab.
  23. Click on the Save button. The access levels are displayed on the screen.
  24. Continue down the Authorization Policy Hierarchy tree, giving access to the Sections, Cards, Screens and Fields (if applicable) that the users in this role should be able to access.
  25. Click on the Level Assignments section button in the left pane.
  26. Enter the Authorization Level to indicate the level of access for this role (e.g. administrator, supervisor, employee, etc.)
  27. Enter the Authorization Level Category (used for supervisor Authorization Level assignments) to determine if the supervisor access should be approver, editor, or read only.

    Note: Role assignments can be granted to employees either through their primary home organization unit in the Configuration section>Organization Unit card>Organization Unit screen>Roles section or through the Employee section>Employee record>Roles screen.