About Access Deny rules
|
|
Access Manager simplifies the process of granting authorization and as a best practice should be used instead of working directly with Access Deny rule forms. On the Pega menu, select Org & Security > Access Manager. See Org and Security category - Access Manager landing page for more information.
Use an Access Deny rule to restrict users who have a specified access role from accessing instances of specific classes under certain conditions. Denial of access to the class can depend on the production level value (1 to 5) of your system or whether certain Access When rules evaluate to true.
Conversely, a value of zero or blank allows access (access is not denied).
By default, PRPC denies all access to a class except when explicitly granted using Access Manager (or editing an Access of Role to Object rule). However, government, or company regulations and policies sometimes require explicit denial of access to specific capabilities. In these cases, use Access Deny rules to explicitly deny access to an access role and class combination.
Use the Application Explorer or Records Explorer to list access deny rules available to you.
Access Deny rules are instances of the Rule-Access-Deny-Obj rule type. They belong to the Security category.