Access When rules
An Access When rule defines a test that the system performs to allow, or disallow, a user from performing an operation or accessing information (instances of a specific class) based on security requirements.
The following tabs are available on this form:
Don't confuse the Rule-Access-When rule type — referenced only to control user access to a class — with the more widely used Rule-Obj-When rule type. The forms are similar, but the purpose and references are different.
Where referenced
Access When rules are referenced in the Access Manager, Access of Role to Object rules and Access Deny rules. In the Access Manager, use Access When rules to conditionally authorize access by case type to cases (class instances), assignments, flows and flow actions, and to functions on the Tools tab. Use of the Access Manager is recommended instead of directly modifying Access of Role to Object and Access Deny rules.
For a property that has a Type of TextEncrypted
, an Access When rule
controls when the system decrypts the encrypted value. If your system uses the
TextEncrypted
type, limit the ability to create, update or delete rules
of this type, as such rules can enable access to the decrypted values.
Access
Use the Application Explorer to list Access When rules in your application. Use the Records Explorer to list all the Access When rules that are available to you.
Category
Access When rules are instances of the Rule-Access-When class. They belong to the Security category.