Branch Level Security
Audience:
Audience: Administrators Edition: Enterprise
Overview
Administrators can limit which branches a user can access by creating Branch Level Security profiles.
Accessing Branch Level Security
Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.
Click on the Account Settings tile.
Click on the Security tab in the left side menu.
Branch Level Security Options
Create a new Branch Level Security Profile. | |
Mouse over to configure Branch Level Security Profile. See the Security Configuration Options section below for more information. | |
Mouse over to rename Branch Level Security Profile. | |
Mouse over to copy Branch Level Security Profile. | |
Mouse over to delete Branch Level Security Profile. |
Security Configuration Options
In the Security Configuration panel, Administrators can set the conditions under which users assigned to the selected Branch Level Security Profile are allowed to view specific branches.
Profile Details
Name | Name of the selected Branch Level Security Profile. |
Description | Description of the permissions set in the selected Branch Level Security Profile. |
Rule Configuration
The following options allow Administrators to define under what conditions users assigned to the selected Branch Level Security Profile are allowed to view specific branches. Click on each rule type for more information.
Add a Branch Security rule. | |
Delete Branch Security rule. | |
Branch Pruning | Check to enable Branch Pruning, so that only records meeting the BLS profile criteria are displayed. NoteThis option is best utilized for the Restrict to Own Branch BLS profile, and may lead to disconnected branches. Reference the Branch Pruning section of the Restrict to Own Branch Example article for more information. |
Access permitted for a user and all records reporting to that user. Optionally, click + to specify how many levels above that user are accessible. Click the - to decrease the number of accessible levels above that user. | |
Access to branches is data-driven. You must have a Branch Access dedicated field populated with a comma-delimited list of PersonIDs assigned to the top-box records of each accessible branch. | |
Access own branch (defined by a specific field). | |
Access only the branches whose top box IDs are selected in the Allowed Branches dropdown menu. |
Assigning Branch-Level Security Profiles
In order to enable Branch Level Security for a user, Administrators must assign a Branch Level Security profile to that user's Access Group.
In the Account Settings panel, click on the Access Group tab in the left side menu.
Click on Create Group in the bottom left corner. The following Access Group Configuration panel is displayed:
Enter a name in the Access Group Name text box.
Check the Branch Level Security checkbox (under the Chart Settings heading). A dropdown menu appears (as seen in the screenshot below).
Select the Branch Level Security profile you want to assign to this Access Group.
Once you have finished configuring this Access Group, click Save. Reference the Account Settings: Access Group article for more information on configuring Access Groups.
Click on the Settings dropdown, and then select the Manage Users option.
Mouse over the user to whom you'd like to assign the new Access Group , and then click on the icon.
Click on the Group dropdown menu, and then select the new Access Group option.
Click Update.
Note
Note: Administrators can impersonate the user to test the permissions. Reference the Admin User Impersonation article for more information.