Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Cloe Walker (CloeW938)
IT Solution Service

IT Solution Service
SG
CloeW938 Member since 2018 227 posts
IT Solution Service
Posted: Sep 11, 2018
Last activity: Sep 12, 2018
Posted: 11 Sep 2018 23:18 EDT
Last activity: 12 Sep 2018 5:42 EDT
Closed

Standard access role should not be listed in your custom access group. Is it correct?

Hi,

Someone told me that you never should include standard access role to your application's access group (I am only talking about end user, not developer). I understand this because, for example, once you include PegaRULES:WorkMgr4 or PegaRULES:User4, they have "5" for Work- class. That means even if you restrict the access to MyCo-MyApp-Work-PurchaseRequest class in your custom access role, that will not take an effect.

Now, I am also feeling like some of access roles should be included like PegaAPI or SecurityAdministrator otherwise some of functionalities wouldn't work. Are these supposed to be considered as exception?

Thanks,

To see attachments, please log in.
Security

Posted: 6 years ago
Posted: 12 Sep 2018 5:42 EDT
Marc Lasserre (MarcLasserre_GCS)
PEGA
Technical Account Manager
Pegasystems Inc.
FR

Hello,

I think this is a development recommendation before reaching Production. I believe in an ideal world you should have a custom version of those ROLES for your specific requirements. 

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice