User access to an application is determined by the access group to which a user belongs. Lets learn about How to Managing user access with Access Groups in Pega 8
Each access group references an application version that the user can access and the roles that the user belongs to when logged in.
Access Groups:
When creating a new access group, consider how the access group differs from existing access groups.
- Identify the application and application version for the access group.
- Identify allowed portals for user interaction.
- Allowed access roles for group members.
- Identify the cases that users can create.
If the access group you plan to create does not provide a unique combination of these factors, reevaluate the need for the access group.
Note: When you create a new access group, enter the access group name in the format ApplicationName:JobDescription
Identify the application and application version for the access group:
When configuring the access group, identify the application and application version that users will use.
This identifies the rulesets that are added to the ruleset list for the user, which determines how users process cases.
In the above screenshot it shows an access group configured to allow users access to version 01.01.01 of the HelloWorld application.
Note: If your application uses production rulesets, list the production rulesets used by the access group on the Advanced tab of the access group record.
Consider creating a new access group to reference the new application version, and add the access group to the operator ID record. Users can then switch between the two access groups from the Operator menu.
Identify allowed portals for user interaction:
An access group specifies the portal. Portals that members of the access group use to perform work.
When identifying portals to add to an access group, select portals that align to the roles assigned to the access group. Example, if members of an access group are managers, add the Manager portal to the access group record.
If an access group lists more than one portal, the remaining portals are available to users from the Operator menu.
Note: In Dev Studio, additional portals are listed in the Launch web interface menu, rather than the operator menu. In App Studio, additional portals are listed in the Application view menu.
Identify allowed access roles for group members:
An access group identifies the access roles granted to members of the group.
- Adding a role to an access group grants the access control and privileges for the role to the user.
- To add an access role to an access group, list the Access Role Name record in the Available roles section of the Definition tab of the access group record.
When configuring an access group, identify the access roles that grant or deny privileges to match the needs of members of the access group.
An access group can reference more than one access role. Pega applies the most-permissive setting across all the access roles.
Identify the cases that users can create:
An access group identifies the types of cases that members of the group can create and process.
To identify the case types that members can create, you identify one or more work pools for the access group on the Advanced tab of the access group record.
A work pool is a set of case types a user can work on in an application.
Each work pool corresponds to a class group defined in the application or a built-on application.
Note: If you application uses case types defined only in the Framework layer, add the class group of the framework layer to the access group to allow users to create cases using case types defined in the framework application.
Hope you learned about How to Managing user access with Access Groups in Pega 8
