Security Groups
Getting There: In the Navigation Pane, clicktap Security Groups under Settings. If the menu is hidden, clicktap .
If you have a large number of users in Insite, you may find it useful to put them in groups. Security groups allow you to place your users in a container and assign them permissions (or remove permissions) at the top level, rather than at a user level.
Security groups also minimize the number of roles you need to assign a user directly. This is helpful if you only want to give users permissions they actually need (such as giving accountants the Accounting Users role or Robot Schedule engineers the Robot Schedule Engineers role). Instead of assigning three roles to a user (Accounting Users, Accounting Supervisors, and Accounting Managers), you could create three different security groups (ACCOUNTING, ACCOUNTING SUPERVISORS, ACCOUNTING MANAGERS) and assign users to them. When they no longer need the roles attached to the security group, you can remove them from the group.
A note on LDAP authentication
If you use LDAP authentication, you can use an LDAP Group distinguished name* in your security groups that will automatically assign certain users to the group when they first log on (see Adding a Security Group for instructions). These users are determined by the information in the distinguished name, such as a matching CN name. Once the users are added, they are given the permissions of whatever roles are assigned to the security group with minimum management from the administrator. (LDAP permissions can be nested if a user is part of multiple security groups.)
Ways to Use Security Groups
There are a few ways you can use security groups.
1. As a way to organize your users
Security groups can be used as organizational tools. You can add users and roles, and any changes made to the groups or roles attached to them will trickle down to the users. This ensures that the work you do with individual users (after they are created or pre-registered, see Adding a User) is minimal.
2. As a way to give a user extra permissions
You can also use security groups to give a user permissions to an area of Insite they generally don't have access to. This may be pertinent if you have a Powertech engineer who needs temporary access to an Automate Enterprise server or a WebDocs supervisor who needs to look at a Robot test system.
Users can easily be added to or removed from security groups, which makes it simple to give a user permissions that are outside their normal role functions.
The Default Security Group
Insite comes with a default security group that users are assigned to if they're not automatically assigned to a group or role. The Default security group cannot be deleted and has no basic authorities out of the box. If you want to add authorities to the default security group, you can do so by adding roles.
The Default security group should only be used to catch users who are not given a group or role when they first log on to Insite. We don't recommend using it to give users authorities long term. Please note, too, that if you assign another security group or role to the user, the default security group will be automatically removed next time they log on.
Managing Security Groups
ClickTap a link to learn how to add, edit, or delete security groups: