Access Group data instances

An access group is associated with a user through the Operator ID data instance.

The following tabs are available on this form:

The access group determines:

  • Their portal layout
  • Which work pools are available
  • The types of work items they can enter
  • Which rulesets display at the top of their ruleset list
  • Which access roles and privileges they hold
  • Details of rule caching for performance
  • The initially displayed ruleset and version for rules they create with Actions > Create or Save As.

If you are creating an access group for users of a composite portal who may enter work items, follow the restrictions mentioned for the Settings tab and Layout tab.

Where referenced

During signon, the system uses the access group identified in a user's Operator ID data instance to assemble that user's ruleset list. If the Access Group field (on the Profile tab of the Operator ID form) is blank, the system instead uses the access group identified in the Org Division associated with the Operator ID. If that also is blank, the access group in the Organization data instance is used, or finally it uses the Access Group identified in the Browser requestor type.

Access groups also determine the ruleset and versions available to external systems when they request services from an application. These data instances and rules reference an access group:

  • Service package data instances
  • Listener data instances
  • Service rules

Agents rules and the related Agent Schedule data instances also reference an access group. (However, certain types of agents have a dynamic access group that may change for each item the agent processes from its queue.)

Access

To review or update access group data instances, select Designer Studio > Org & Security > Groups > Roles > Access Groups.

Category

The Data-Admin-Operator-AccessGroup class contains access group data instances. They are part of the Security category.

Associated RuleSet

When you save an access group data instance, if the Associated RuleSet is [none], the associated ruleset is set to the ruleset from the current application of the logged-in user. This association assists with application packaging. You can update the associated ruleset using the field in the top left of the form.

If there is no ruleset associated with the data instance (for example, for existing instances not previously associated with a ruleset), the Associated RuleSet displays [No associated RuleSet]. Click Edit to define one.