This documentation supports the 22.1 version of Action Request System.
To view an earlier version, select the version from the Product version menu.

Assigning permissions to access objects and requests

This section provides an overview of the AR System  access control. Topics include:

For information about role-based access, see Role-based access overview.

Access control is the AR System  mechanism that controls which users can open an application, form, or guide in a browser, can perform an action, and can create, view, modify, and delete a request. You can configure AR System to run with limited access privileges and access to limited set of resources on the host machine. This prevents malicious scripts or programs from being installed on the machine.

In defining access control, you must:

  1. Identify and create the groups and roles (for deployable applications) that reflect key functions in your company and the type of information each function must access.
  2. Create users on your Remedy AR System server and assign their respective groups to them.

Group membership ultimately determines which objects a user can access and which operations individual a user can perform. AR System  has various levels of security:

  • Server—Controls access to the AR System server . A user must be defined on a server or connect to it as a guest user if the server permits them.
  • Application, form, and workflow—Controls access to  AR System objects. A user must belong to a group that has permission to access an application, form, active link, or active link guide to see it and use it.
  • Request (or row)—Controls access to individual requests in a form. A user can have permission to view or change only requests the user created or those created by a member of a group to which they belong.
  • Field (or column)—Controls whether a user can view or can change a field in a form.

A user can have permission to view or change a request but cannot see or change individual fields unless the user also belongs to a group with the required field-level permission.

The following figure presents an overview of access control, and lists the questions that you can use to determine the access that users have to AR System .

Access control overview

Was this page helpful? Yes No Submitting... Thank you