...
Security Groups are used to define access for Administrative and Business Users. The User can Users can only access attributes that are included in Security Groups for candidate data within consoles and dashboards that belong to the attributes specified in the Security Group for which they have been set up. For more details, follow the sections discussed below.
What is a Security Group?
A Security Group is a list of specific HR attribute values that can be accessed by a Useruser.
Who can access
...
Security Groups?
The Users with System Administrator is the only user who role can access Manage Security Groups.
How do you access
...
Security Groups?
Click the Menu Icon. Under Security, Clickthe menu icon on the left and select "Manage Security Groups" from the navigation menu.
 |
How do you select the attribute values that are available to Users users in a Security Group?
Click on Select an attribute for which you would like the to create a Security Group to have access.
Manage Security Groups |
|---|
|
Click "Add" to add an entry for a new Security Group.
Manage Security Groups |
|---|
|
Enter a Description description for the Security Group. Click To select the attribute, click the lookup icon for "Attribute ID".
Define Security Group |
|---|
|
Select an Attribute an attribute value to be included in the Security Group.
Look Up Attribute ID |
|---|
|
Click the "Add" icon to add another Attribute attribute value for the Security Group.
...
Repeat the lookup process, selecting a different Attribute attribute value. After After adding all the values have been added, click "Save".
Define Security Group |
|---|
|
The newnewly created Security Group now shows for the AttributeCompany attribute.
Manage Security Groups |
|---|
|
You can add the same Security Group to other Attributes, if desired. You Similar to this, you can add as many Security Groups as you would like to need for any attribute(s).
How
...
do you assign
...
a Security Group to a
...
user?
The Security Group access for a User user is set up in Manage Users/Contacts. As an example, let us create a security group for Location new Security Group for the Company attribute.
|
Enter the security group Security Group description, select the Attribute ID and save.
|
The new security group Security Group shows for Location the Company as given below.
|
Let us assign this newly created security group Security Group to a user. Navigate to Manage Users/Contacts and access the user page.
|
Create a new user/contact or edit an existing user.
...
In For more details on adding a new user, please click here.
On the Invite/Edit User page, configure the Row Level security , select to the newly created security group for Location attribute Security Group and save the changes. This will restrict limit the user to access the candidates' 's access to candidate data specific to that location in consoles.
...
The console data for the above user displays the candidates belonging to that Location security group only. Let us check this in the Invitation Console.
Search invitation console and click "Info and Actions" for any invitation.
...
Check the Information tab for Location. The newly set up Location security group shows in the information.
...
The above restriction on user access is also applicable to Elasticsearch as well as dashboards.
If the user tries to access the candidate data that does not belong to the Location the user has access to, then the user will be redirected to the unauthorized access page.
Dashboards example:
Click on the number or segment of the graph in the I-9 Insight chart.
...
The user can see the list of all I-9 IDs of the segment as shown below, but the drill down data can be seen only for the I-9s of the candidates that belong to the locations the user has access to.
...
...
When clicked on the I-9 IDs of the candidates belonging does not belong to the Location the user has access to to other locations, the following unauthorized access error message will be displayed.
...
Elasticsearch:
In Elasticsearch, all the category related search results and their actions oblige row level security except I-9 Status, I-9 Compliance and I-9 Life Cycle.
In I-9 Status, I-9 Compliance and I-9 Life Cycle categories, the search results show all the rows but the drill down redirects the user to the unauthorized page if the candidate does not belong to the locations the user has access to.
Examples:
...
...
Select any candidate and click on the invitation ID link. The page redirects to error message if the user has no access to the candidate data.
...
When clicked on related action for the above invitation, the page displays error message.
...
...
company within consoles and dashboards.
|
