Skip to main content
LinkedIn
Copied!

Table of Contents

Configuring an access role

Version:

Only available versions of this content are shown in the dropdown

To define a set of permissions within an application, configure an access role.

You must complete the following task before you can configure an access role: Creating an access role by using the rule form
  1. Create an access role, or open an existing access role by doing one of the following steps:

    • In the navigation panel, click Records Security Access Role Name and choose an access role from the instance list.
    • In the Dev Studio header, click Configure Org & Security Tools Security Role Names and double-click a role name.
  2. Optional:

    To copy permissions from an existing access role into your access role, do the following steps:

    This step removes Access of Role to Object rules that were previously defined for your access role.
    1. In the Clone from field, press the Down Arrow key and select an access role to copy.

    2. Click Clone.

      The Access of Role to Object rules for the Clone from role are copied to your access role (overriding any that you already defined). The new values appear in the Access Class table.
  3. Optional:

    To inherit permissions from existing access roles without copying them, do the following steps:

    1. Click Manage dependent roles.

    2. To add a role dependency, click Add dependent role, press the Down Arrow key, and select an access role.

    3. To remove a role dependency, click the Delete this row icon.

    4. Click Submit.

  4. To simplify the process of granting operator access to a feature protected by privileges, select Inherit privileges within class hierarchy.

    When this is selected, at run time, the system searches the class hierarchy for Access of Role to Object instances. For more information, see Privilege inheritance for access roles.
  5. To define the permissions that this access role has for various classes, you add, update, or delete Access of Role to Object rules in the Access Class table. When you click an Access Class name or the Add a row icon, a dialog is displayed where you configure the Access of Role to Object rule.

    Standard access roles such as PegaRULES:SysArch4 and PegaRULES:User4 include corresponding standard Access of Role to Object rules, including a rule for @baseclass. Be sure to create a last-resort Access of Role to Object rule at @baseclass so that the class inheritance search always ends successfully.
    1. For a new Access of Role to Object rule, in the Class field, press the Down Arrow key and select a class.

    2. In the listed fields, enter a production level or Access When rule name. At run time, the system evaluates the value to determine whether access is granted.

      For more information about these fields, see Defining permissions by using Access of Role to Object rules
    3. Optional:

      In the Privileges table, enter one or more privileges. For each privilege, enter a production level or Access When rule name.

      For more information about assigning privileges, see Specifying privileges for an Access of Role to Object rule
    4. Optional:

      In the Access table, enter one or more settings. For each setting, enter a value.

      For more information about assigning settings, see Defining access settings for an Access of Role to Object rule.
    5. Click Submit.

  6. Click Save.

Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us