
Access Group modification
You can configure existing Access groups according to your company's requirements and security best practices. For example, you might wish to create an Access group for provisioning and registering robots without granting full access to the Robot Manager portal. You could also allow users access to Robot Manager reports while restricting other functionality, such as the ability to collaborate in Spaces. You can add a new or update an existing Access group with the desired set of Access roles to create the appropriate permissions. You can add a new or update a current Access group with the desired set of Access roles to create the proper permissions.
When adding users to the Robot Manager portal, you associate users with a role that directly corresponds to an Access group configured by the Dev Studio system administrator. The following figure shows the relationship between the two entries:
You can update the Access roles list on the Access group definition in Dev Studio. The order of roles is irrelevant unless you enable the Stop access checking once a relevant Access of Role to Object instance explicitly denies or grants access check box. Enabling this option causes Pega Platform™ to search for the necessary access based on the access role list order and stops as soon as access is explicitly granted or denied. For example, placing the AutomationPackageManagement
access role in the first position ensures that users receive access before Robot Manager evaluates the other Access roles, as shown in the following figure.
As a system administrator, you can quickly and conveniently add a new application-specific set of permissions by creating a copy of an existing Access group and modifying that copy to suit your needs. You can also add or remove Access roles from existing Access groups to extend or restrict access privileges, as required. For more information on editing Access groups in Dev Studio, please see Associating Access groups and roles.
Constructing custom Access Groups
By creating new Access groups or editing existing ones, you can define permissions corresponding to your company's needs. For instance, with the Security Administrator role, you can quickly and easily establish a new set of permissions specific to an application by copying an existing Access group and altering it to your specifications. Furthermore, you can extend or restrict access privileges by adding or removing Access roles from already-existing Access groups as needed. For example, you can create an Access group to grant users access to view, edit, create, and delete reports in Pega Robot Manager and to restrict access to other functionalities.
For more information on creating custom Access groups, see Creating custom Access groups for Pega Robot Manager users, and for more information about the available roles and access groups in Robot Manager, see Access roles and groups in Pega Robot Manager.
Check your knowledge with the following interaction:
This Topic is available in the following Module:
If you are having problems with your training, please review the Pega Academy Support FAQs.
Want to help us improve this content?