Use this page to specify the criteria or details used to define an access group. An access group is a group of members defined specifically for access control purposes.
- No criteria
- Select this option if you want to create an explicit access group where the access group is not defined by any criteria. For an explicit access group, users who may or may not share common attributes and therefore, no criteria is specified during the access group creation. Adding access groups explicitly allows you to exclude individuals that satisfy the conditions for inclusion in an implicitly defined group. For example, to give users authority to perform an action across multiple organizations, select this option to define the access group without organizational criteria.
- Based on organizations and roles
- Select this option if the access groups is defined based on a combination
of users' organizations and roles. If you select this option, you can
specify information about organizations and roles, as follows:
- Organization
- Select the name of the organization or organizational unit to which the access group applies (for example, Organization A). If this access group can be used for all organizations in the site, select All organizations.
- Role
- Select the role to which the access group applies (for example Customer Service Representative). If this access group can be used by all roles in the organization, select All roles.
- For organization
- Select this option to indicate that the selected role is within a specific organization. For example, if the selected role is a Buyer and this check box is selected, then users included in the access group must be assigned the Buyer role for their organization as opposed to the Buyer role in general. Consider this check box acting as a wildcard: instead of specifying that users in Organization A must have a Buyer role for Organization A, or that users for Organization B must to have the Buyer role in Org B and so on, this check box allows you to specify that users must to have the buyer role in their organization.
- Add
- Click this button to create the organization and role combination selected above. Once the roles are created, they display in the Selected roles list (using the example above, the Customer Service Representative - Organization A combination will be created when you click this button).
- Selected roles and organizations
- Lists the organization and role combinations that can be used to define the access group. You can select groups from this list and remove them if they are no longer applicable.
- Remove
- Click this button to delete the organization and role combination from the Selected roles and organizations list.
- Based on registration status
- Select this check box if you want to define an access group based on the
user's registration status, and select roles for the access group as
follows:
- Registration status
- Select the whether the user is a guest user, a registered user, an Administrator, or a Site Administrator from this list.