Security Roles

Roles control access to features and capabilities in applications and components. After access has been granted to a role, all the groups or users assigned to the role are granted the access.

Creating a User Role

On the top right, navigate to
→ Application Studio → ServiceJourney
Once inside Application Studio, navigate to Security → Roles
Click on New Role button
Fill out the appropriate fields
Click Save
Navigate to Deployment Management → Deploy and deploy the solution

Managing the list of Groups or Users assigned to a Role

On the top right, navigate to
→ Manage Users
Navigate to User Management → Roles
Click the hyperlink of the role whose membership you want to manage
Click on the Role Groups tab or the Role Users tab and then click Edit
Move the appropriate groups/users between the two boxes as needed
Click Save

Users need to log out and log back in for these changes to take effect

Base Roles in ServiceJourney

The following roles are part of the standard installation of ServiceJourney

Role	Description
Platform Level
System: Allow App Studio	This role allows the user to open the Application Studio where he can configure solution components. Basically, it's a combination of "Allow Solution Design" and "Allow Environment Administration" roles. This role allows changing the solution resources files, which are part of the solution configuration. This role must be allowed only for the user who has the right to change the configuration.
System: Allow Company Setup	This role grants privileges to manage all Company settings including Security Settings. This role gives access to all AppBase API used in the "Company Setup" section. Contact support for additional instructions.
System: Allow Environment Administration	This role grants System role, that allows access to the configuration of capture channels, scheduled tasks, and other runtime components for the corresponding environment. Contact support for additional instructions.
System: Allow My Workspace	This role provides access to the AppBase UI section that allows a user to manage some of their own settings or change their password. This role is required for the user to be able to open the AppBase home page after login.
System: Allow Solution Design	The features controlled by "Allow Solution Design" are equal to the "Allow App Studio" role, except for features, allowed for the "Allow Environment Administration" role. Contact support for additional instructions. "Allow Solution Design" role allows to do "Preview" only. To do "Execute SQL", "Confirm" or "Apply Changes" need to grant "Allow App Studio" or "Allow Environment Administration" or "Allow System Administration" roles.
System: Allow System Administration	This role provides access to the page "System Setup". Through System Setup, you can create and administer users, set up solutions and their respective environments, and manage resources.
System: Allow User Management	This role grants the privilege to manage users (Create/Delete/Update), managing some of the Authentication Configuration properties (mostly related to Active Directory synchronization, and troubleshoot the synchronization errors). By allowing managing of user's groups/roles the role allows managing users' privileges. Contact support for additional instructions.
System: Solution Access	This role allows managing the access to resources/API like CMS resources, Solution components state, and others. Contact support for additional instructions.
Solution Level
Administrator	The administrator role provides access to all the DCM administration tools
Case Worker	The Case Worker role provides access to all the DCM runtime features
Developer	The Developer role provides access to all the DCM configuration and administration tools.
DEXP_Root	DEXP_Root (Export Root) role provides access to all the features of the DEXP component
LTR_Root	LTR_Root (Letter Generation Root) role provides access to all the configuration features of the LTR component
ServiceJourney Level
Front Office User	The user that interacts with customers
Back Office User	The user that processes cases in the back office
Submitter	Similar to a Front Office User except who only creates Cases