Acumatica ERP Secuirty Training - Part 1 -Concepts and Definitions

How to Set Up User Security in Acumatica ERP

Concepts Covered

1.  Roles
2.  Users
3. Access Rights
4. Most Permissive
5.  Levels of Access Rights: Revoked, View Only, Edit, Insert, Delete, Granted, Inherited. Not Set (How“Not Set” works)

Built-in roles

1. Administrator - A user with this role has full access to all system objects, and any     access restrictions to system objects are not applied to this role.     Therefore we recommend that you assign users to this role only during     initial system setup so they can define roles and enter users. Then assign     the role only in extraordinary cases. We recommend that you create a user     role for system administrators with access only to Acumatica ERP suites     and modules that are used for configuration and management of the system.
2. Anonymous - This role is reserved for system use.
3. Dashboard Designer - The system automatically designates this role as a dashboard owner role     for dashboards that were created in previous versions of Acumatica ERP. We     recommend that you create specific roles for users who should own     particular dashboards. For details, see Dashboard Pages.‍
4. BI - A user     with this role can access the BI Views—that is, the     pre-configured generic inquiries that are exposed through the OData     protocol, such as BI-Opportunities. For more information,     see OData Support.‍
5. Customizer - A user with this role can customize Acumatica ERP applications. For     details, see To Assign the Customizer Role to a User Account
6. Field-Level Audit - A user with this role can view the audit trail directly from an audited form.     For details, see Management of Access to Field-Level Audit     Functionality.
7. Guest - This role is used for backward compatibility.
8. Internal User - A user with this role can change personal settings, and view Help. It is     automatically assigned to all user accounts linked with the Employee user     type.
9. Portal Admin - A user with this role can access the Acumatica Self-Service Portal     Configuration suite and configure Self-Service Portal. For more     information about Acumatica Self-Service Portal, see Self-Service Portal.
10. Portal User - A user with this role can access Self-Service Portal. You should assign     this role only to contacts who must have access to Self-Service Portal.     For more information about Acumatica Self-Service Portal, see Self-Service Portal.
11. Report Designer - A user with this role can publish reports in Acumatica ERP. Any user can     create reports in Report Designer, but for publishing reports in Acumatica     ERP, the user needs to be granted this role.
12. Wiki Admin - A user with this role can set other users’ access rights to wikis. For     details, see Wiki Access Management.
13. Wiki Author‍
14. Administrator

• BusinessDateOverride:     A user with this role can change the business date in the info area of     Acumatica ERP. This role appears only if the Secure Business Date feature     is enabled on the Enable/Disable Features (CS100000) form. For details, see To Change the Business Date.
• Data Privacy Controller: A user with this role has access to the compliance     tools for General Data Protection Regulation. For details, see Handling Personal Data.
• Financial Supervisor:     A user with this role can post to closed financial periods, while all     other users are not able to work with these periods (when the Restrict     Access to Closed Periods check box is selected on the General Ledger Preferences (GL102000) form). A financial supervisor can also reopen Closed periods     and unlock Locked periods.

‍

‍