Show TOC

Function documentationSelecting Roles Locate this document in the navigation structure

 

You use the Select Roles screen to search for the roles that you want to assign to an access request. You can also use this screen to Add a role to extend a Validity Date for an existing user.

A role is a group of transactions that a user has permission to perform. When you assign a role to a user, all the transactions that are associated with the role are available to that user.

Roles can be:

  • Single: one role

  • Composite: a group of single roles

Once you have chosen your search criteria, complete the fields as described in the following table.

Features

The Select Roles function offers the following search criteria to assist you in locating and selecting roles:

Search Criteria for Finding Roles

Field name

Description

System

This field lists the systems that you selected on the Create Request screen. Choose the system for which you want the role.

Note Note

If you chose multiple systems during the request creation process, select each system individually to search for the roles within that system.

End of the note.

Type of Access

Select the appropriate type of access to be granted. The options are:

  • Roles

  • Transaction

  • Model my access after

Application Area

If it was defined in the system that you selected above, you can select the application area, if you know it and want to narrow your search criteria.

Business Process

Select the business process if you know it.

Subprocess

Select the subprocess of the business process if you know it and want to narrow your search criteria.

Role/Profile Name

This is a free text field where you may enter part of the name of the role or profile for which you want access. Wildcards are accepted.

Role/Profile Description

This is a free text field where you may enter part of the description of the role or profile for which you want access. Wildcards are accepted.

Functional Area

Select the functional area of the role or profile if you know it and if you want to narrow your search criteria.

Company

Select the company in which the role or profile exists if you know it and if you want to narrow your search criteria.

Note Note

The application is contextual. If you select Model my access after as the type of access, the screen changes dynamically. Below the Select the Type of Access all headings are replaced with the name Model my access after. You use this option to search for a user after whom you want to model the requesting user’s access.

End of the note.

Activities

  1. Select your search criteria and choose Go.

    The system retrieves a list of roles and profiles that match your search.

  2. You use the checkboxes to the left of each role to select the roles and profiles that you want.

  3. From the dropdown list, you choose Add to add the selections to your request.

    Depending on the type of Request you are processing, you can make different selections.

    Example Example

    If you are processing a request for an existing user, you can choose a role and then choose from the dropdown list to either Keep or Remove the role for that user, depending on what was requested.

    End of the example.

  4. The application context changes to the Selected Roles tab where you can choose the Request Reason tab to enter a justification for each role.

  5. Choose Continue to return to the Create Request screen.

    Note Note

    To view the roles that are already assigned to the user, select the Existing Roles pushbutton.

    You can view existing roles with multiple role validity date assignments for the same role. You can choose to display an expired existing role, or not, depending on the configuration.

    To add a new assignment validity date for the existing role:

    1. Choose action Add.

    2. Configure the Valid from and Valid to dates.

    End of the note.