Table of Contents

Defining access permissions for the requestor type


Only available versions of this content are shown in the dropdown

Provide access to applications for any person or external system signing in through the requestor type.

Optionally, identify an access group — or in special situations, more than one access group — to be available to requestors of this type. As a user or other requestor signs on, the system adds the RuleSets and versions in the application rules of the selected access group to the user's RuleSet list.
Field Description
Define this requestor type using Select an Application-based Access Group.
Access Group Name Optional. Identify an access group that contains an application rule and one or more access roles. The RuleSets and versions identified in the application rule in this access group become visible (to rule resolution) for all requestors of this type.

Except as described below, enter only one row in this array, and select the radio button for that row.

For the BATCH instance, you can list additional access groups that are to be available to legacy agents, for the agents where the Agents field on the Security tab of the Agent Queue data instance is blank.

  • For example, list access groups for the Pega-ProCom agent here; the agent needs application-specific access to send correspondence and to find and enforce service-level agreements (SLAs).
  • If the Agents field on the Security tab of the Agent Queue data instance is not blank that access group is used, and the list in the BATCH requestor data instance is ignored.
For the BROWSER instance, you can list additional access groups that are to be available to all browser users — including unauthenticated users — through the application switching facility.
  • As a best practice to restrict access to authenticated users, list such access groups in an Organization data instance, rather than in the BROWSER requestor data instance.
  • It is required to distinguish unauthenticated access groups from authenticated access groups. Therefore, any access groups specified here must NOT match access groups specified for operators.
You may enter additional access groups in this array for requestor data instances other than the BATCH and BROWSER instance.
  • Standard rules ignore all rows except the single access group that is marked with a selected radio button.
  • This array is not a means to provide more than one access group to services or portlets.

Legacy fields

These fields appear for Requestor Type data instances with Lists of RuleSets and Roles. This approach is deprecated for new development.
Field Description
STARTING RULESETS RuleSet or RuleSet:Version. Order is significant.
STARTING ROLES Access role. Order is not significant.
Did you find this content helpful?

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.