As a security administrator, you permit or restrict the access that groups of users have to various parts of an application, such as a case type, flow action, or button.
When you create an application, some access groups are created automatically. You can create additional access groups and assign users to access groups based on the type of work they do. For example, in most applications, managers have permission to do tasks that ordinary employees cannot.
As a security administrator, you configure an access group for managers and an access group for regular employees. When a new employee is hired, human resources staff assigns the employee to the proper access group.
The examples below assume that you have a human resources application named HRApp in which various access groups, such as managers and human resources staff, can perform different actions. The examples also assume that you have access to the Dev Studio portal for HRApp and have the PegaRULES:SecurityAdministrator role. Some of the examples assume that you have created specific case types and access groups, which are described in each example.
Securing an application user interface involves these sorts of tasks:
- Controlling access to an entire case type
- Restricting who can use a flow action
- Controlling access to flow actions
- Controlling access to sections, buttons, and other UI controls
- Controlling access to reports
- Validating user input and preventing invalid values
- Controlling access to individual cases
- Encrypting the values of sensitive properties
- Masking the values of sensitive properties
- Securing your application for mashup communication
- Securing Cosmos React-UI applications