Skip to main content

OrgChart Help Guide

Branch Level Security

Audience:

Audience: Administrators Edition: Enterprise

Overview

Administrators can limit which branches a user can access by creating Branch Level Security profiles.

Accessing Branch Level Security

Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.

Click on the Account Settings tile.

Setup_Account_Settings_Select.png

Click on the Security tab in the left side menu.

5_2_2_Security_Panel_with_Arrow.png
Branch Level Security Options
5_2_CreateNewProfile_button.png

Create a new Branch Level Security Profile.

5_2_1_BlueGear_nofill.png

Mouse over to configure Branch Level Security Profile. See the Security Configuration Options section below for more information.

5_2_1_Penci_bluel_noFill.png

Mouse over to rename Branch Level Security Profile.

5_2_1_Copy.png

Mouse over to copy Branch Level Security Profile.

5_2_1_Trash_nofill.png

Mouse over to delete Branch Level Security Profile.

Security Configuration Options

In the Security Configuration panel, Administrators can set the conditions under which users assigned to the selected Branch Level Security Profile are allowed to view specific branches.

Profile Details

Name

Name of the selected Branch Level Security Profile.

Description

Description of the permissions set in the selected Branch Level Security Profile.

Rule Configuration

The following options allow Administrators to define under what conditions users assigned to the selected Branch Level Security Profile are allowed to view specific branches. Click on each rule type for more information.

5_2_Plus_Update.png

Add a Branch Security rule.

5_2_Delete.png

Delete Branch Security rule.

Branch Pruning

Check to enable Branch Pruning, so that only records meeting the BLS profile criteria are displayed.

Note

This option is best utilized for the Restrict to Own Branch BLS profile, and may lead to disconnected branches.

Reference the Branch Pruning section of the Restrict to Own Branch Example article for more information.

Self + Subordinates

Access permitted for a user and all records reporting to that user.

Optionally, click + to specify how many levels above that user are accessible.

Click the - to decrease the number of accessible levels above that user.

Branch Access Field

Access to branches is data-driven.

You must have a Branch Access dedicated field populated with a comma-delimited list of PersonIDs assigned to the top-box records of each accessible branch.

Restrict to own branch

Access own branch (defined by a specific field).

Enumerated Branches

Access only the branches whose top box IDs are selected in the Allowed Branches dropdown menu.

Assigning Branch-Level Security Profiles

In order to enable Branch Level Security for a user, Administrators must assign a Branch Level Security profile to that user's Access Group.

  1. In the Account Settings panel, click on the Access Group tab in the left side menu.

    5_2_2_AC_AccessGroups_Arrow.png
  2. Click on Create Group in the bottom left corner. The following Access Group Configuration panel is displayed:

    5_2_NewAccessGroupPanel.png
  3. Enter a name in the Access Group Name text box.

  4. Check the Branch Level Security checkbox (under the Chart Settings heading). A dropdown menu appears (as seen in the screenshot below).

    5_2_BLS_Assign.png
  5. Select the Branch Level Security profile you want to assign to this Access Group.

  6. Once you have finished configuring this Access Group, click Save. Reference the Account Settings: Access Group article for more information on configuring Access Groups.

  7. Click on the Settings dropdown, and then select the Manage Users option.

  8. Mouse over the user to whom you'd like to assign the new Access Group , and then click on the 5_2_1_Penci_bluel_noFill.png icon.

  9. Click on the Group dropdown menu, and then select the new Access Group option.

    5_2_AssignGroupToUser.png
  10. Click Update.

Note

Note: Administrators can impersonate the user to test the permissions. Reference the Admin User Impersonation article for more information.