Access to Portal Profiles based on Security Roles
Access to a specific Portal Profile can be restricted to users with a specific security role. Access to a profile can be full or restricted.
In the web.config file make sure the name of the Portal Profile is set.
Setting security roles
This configuration enables users with a security role to see the Portal Profile. However, it can also exclude items from their viewing access. Depending on your business needs, you can add a security role to access the Profile or set restrictions to a security role or combinations of security roles with different viewing/ editing rights.
After having created the Portal Profile, follow these steps:
- Open Innovation Studio, go to Digital Experience in the Main Menu > Digital Frontends > Portal Profile.
- Open the individual profile you wish to edit.
- Scroll down to the Restrict Access to Selected Security Roles grid.
- Click Insert existing to insert a new security role or Remove existing to delete access of a role.
- Select the role you wish to add to the Portal Profile. Repeat as many times as needed to grant access to security roles.
- After inserting the role, double- click it.
- In the security item grid, click Insert and a new window will open. Fill in the fields.
-
To add a security item, from the Security Items section, click the Insert button. The Add Security Item page is displayed. In the Entity field, type the entity name or click the down-arrow and select it from the list. In the Security Operation field, type the record-level privilege (CRUD operation) or click the down-arrow and select it from the list. You can choose one of the following:
Read Allows users to view records. Update Allows users to update records. Insert Allows users to add new records. Delete Allows users to delete records. In the Security Scope field, type the level of access or click the down-arrow and select it from the list:
User Privileges to the records owned by the user or assigned to the user. Parental Privileges to all records owned in the business unit to which the user belongs to, including privileges to the records owned in the child business units. Business Unit Privileges to all records owned in the business unit to which the user belongs to. Organization Privileges to all records in the organization regardless of their owner. You can add as many items as you need by clicking the Save and reload icon and providing the new security item details. For more information, see Creating Security Roles.
- Click the Save and close button in order to close and return to the Portal Profile editing page. Repeat for as many security roles as needed.
Restrictions
Here, it is also possible to exclude items from specific security roles.