This documentation supports the 21.3 version of BMC Helix Innovation Studio.

To view an earlier version, select the version from the Product version menu.

Controlling user access by assigning permissions to Shell menu elements

You can control access to Shell menu elements of view components by assigning appropriate permissions to the elements in BMC Modern Shell. BMC Modern Shell is a built-in landing page and default menu system that is configured for every application. You can assign permissions to Shell menu elements, such as menu groups and menu items. 

This capability provides the following benefits:

  • Controls access to certain Shell menu elements.

    End users who have appropriate permissions can view and access the application's Shell menu elements. Users without appropriate permissions cannot view or access the Shell menu elements.

  • Protects against unauthorized access or activity through menu elements during application runtime. 

For example, if you assign permissions to the Administrator group for a Shell menu element, only those users belonging to the Administrator group, such as IT Helpdesk Administrators, can see and access the Shell menu element. Users who are not a part of the Administrator group, such as IT helpdesk agents, cannot access the Shell menu element.

You can assign permissions to Shell menu elements while customizing the applications in BMC Helix Innovation Studio. 


If permissions are not assigned for a Shell menu element, by default, BMC Helix Innovation Studio assigns public permissions to that menu element. All end users, regardless of their user role or group, can see and access the menu element.

The following image provides additional information about assigning access permissions to Shell menu elements:

To assign permissions to Shell menu elements 

  1. Log in to BMC Helix Innovation Studio and navigate to the Workspace tab.
  2. Select the application that you want to modify.
    The application details are displayed.

  3. From the application, click Navigation.

    The BMC Modern Shell Designer is displayed.

  4. From the Shell Navigation section, select the Shell menu element for which you want to control access.

    You can select any one of the following Shell menu element:

    Shell menu elementDescriptionExample
    Menu groupCombines one or more menu items into a group. You can add the menu group to the navigation bar and add menu items in the menu group.

    The following image shows an Administration menu group:

    Menu itemLaunches an action in a navigation bar, such as navigate to a view, navigate to a state, or launch a URL.

    The following image shows Customer groups and Customers menu items within the Administration menu group.

  5. From the Settings tab of the Properties pane, click Edit beside Permissions as shown in the following image:

  6. In the Add Edit Permissions dialog box, specify the user permissions by providing the following information and click Save to save the permission updates:

    TypeSpecify whether you want to assign permissions to a user group or user role. A user can acess the Shell menu element if a group the user is in has access, or a role mapped to such a group has access. You can provide permissions for any of the following user profiles:
    • User group: Provides access to user groups based on a common profile. For example, assigning permission to Administrator user group.
    • User role: Provides access to user roles for specific applications. Application roles are permissions similar to groups, except that they belong to a particular application, instead of a particular server. Application roles are used exclusively in deployable applications.
      For more information, see Creating and modifying application roles.
    GroupSelect the user group or user role to which you want to assign access permissions. Only those users who belong to the selected group or role can view and access the Shell menu elements.

    The following image shows the Edit Permissions dialog box for Administration menu group:

  7. Click Save to save the changes made for the application. 

    The permissions are assigned to the Shell menu elements. 

When end users access the deployed application, those who belong to the Administrator user group, such as IT helpdesk administrators, can view and access the Administration menu element, as shown in the following image:

End users who do not belong to the Administrator user group, such as IT helpdesk agents, cannot see the Administration menu element. These end users can see other elements as shown in the following image:

Related topics

Creating and customizing application views by using Shell

Creating or modifying view definitions

Was this page helpful? Yes No Submitting... Thank you