Basic user setup has been completed but now you want to specify criteria on what they can access.

We will walk through different scenarios so you can better understand how different setups can work to streamline your company’s objectives when it comes to users’ access.

In my previous blog I covered basic user setup using some default values and settings.

Check it out here.

Now we are going to dive into some of those options so you can experience the full capability usage of these areas.

I will cover the setup and functionality of:

• Function Profile
  • Authorizations
• Groups
• Roles
• Security profiles

Function Profile

Found in All, Setup, Users, Function Profile

Like most other areas of X3, you have the ability to choose an existing function profile as a starting point if you have one that is similar to the one you want to setup.

Starting a “New” function profile does require a fair amount of setup so let’s dive into it.

Click New.

• Give this a profile a code and description.
• Click Create to save this new profile record.

Access

You can tick the following options to grant full control within functions and areas protected by access codes but we want to detail what this user has access to so we will not tick these options.

1. All authorized functions.
2. All access codes.

Let’s setup the authorized functions.

• Click the “Authorizations” button.

This will show the list of functional authorizations if you have used a template. As we are creating a new profile you won’t have any values yet so let’s add some.

There are 2 ways to add functions.

1. “Jump to” icon in the “Function” field. (Typically used to add a function to an existing profile)
2. “Addition” button on the top bar. (Can multi select functions)

Considering there are currently no values we will use “Addition” as it will speed up the process instead of selecting each individual function.

• Click the Addition

By default, the functions you are selecting are granting access to the users linked to this profile.

Controlled by the “Access” tick box.

There are 2 ways to add functions to your profile.

1. Using the left panel, you can click the box to select all functions within that function family or using the arrows navigate within the module to select individual functions.
2. Clicking the “Module” button will prompt you to select a module that you will be granting access to. (All functions within that module are added)

After clicking “Module”:

I’ve selected “Sales” from the module selection, once accepted this is what will show in functional authorizations. The same outcome is reflected if you simply clicked the box next to “Sales” on the left list.

You can use these 2 methods together to speed up this process.

I’ve selected “Sales” under modules, but I’d like to remove access to Deliveries, so I will untick that box on the left list to prevent access to deliveries on this profile.

Once you are satisfied with the functions you’ve selected go ahead and click save.

Closing out of all existing functions will force a function update to push out all the changes made.

Roles, Groups & Security Profile

These 3 sections are setup through the Administration module.

We will be navigating to each section through the site map then will link what we’ve created to our user.

First, let’s create a “Security Profile”.

Go to All, Administrator, Users, Security Profile.

Click “New Security Profile”

1. Add a “Code” and “Description”
2. Choose a customization level:
   1. Administrator: the user can modify authored page shared by several users.
   2. User: personalization is allowed, but only on a page that is dedicated to the user.
   3. None: no personalization is allowed.
3. Allow Office document upload: Defines whether the user can upload Office documents or not. By default, it is deactivated to protect against malicious Office documents. It must be activated so that the user can upload Office documents.
4. Security Level: Profile levels range from 0 to 99. A user can only create/modify security profiles that are higher than the Security profile he is associated with. In other words, a user with Security level 10 can only view /maintain Security profiles with security level 11 and above.

Authorizations

For every code, you can select the check boxes to define the access rights granted by the security profile. When a check box is cleared, the access right is denied. A user cannot provide access to codes for which they don't have rights. If it is the case, the corresponding check boxes are disabled.

The access rights are the usual CRUD access (Creation, Read, Update, and Delete), plus an additional Execution right. The execution right controls dedicated operations, more detail on this can be found in the Online Help.

• Select the options you want this profile to be able to accomplish.
• Click Save.

Roles

Now we will create a Role and link the security profile we created to it.

Go to All, Administrator, Users, Roles.

Click “New Role”

1. Add a “Code” and “Description”
2. “Groups”: This will be linked when we set it up in the next section.
3. “Badges”: Clicking the Plus will generate a list of available badges you can link to this role.
   1. Select the ones that you would like this role to consume when connected.
4. Select the “Security Profile” we just created.
   1. At this point, if you have a Home or navigation page you want this role to access as a default select it now.

• Click “Save”

Groups

Lastly, we will setup a group and begin to link everything together.

Go to All, Administrator, Users, Groups

Click “New group”

1. Add a “Description”
2. Role: Link the Role we created by using the magnifying glass icon.
3. Users: You can link the user that we created or leave this blank and add the Group to the user record. I’ll link this now.
4. Endpoints: Select all endpoint this Group will be able to access.
5. Default endpoint: Select the endpoint that will open when a member of this group connects to X3.

We’ve now successfully setup a user to have login access, specific functional authorizations and security access.

You can use this guide in combination with Online help to achieve a variety of specific requirements that you can apply to new or existing users.

I hope you can benefit from some or all the information provided.

Thanks for tuning in.