Dev GuideAPI Reference
Dev GuideAPI ReferenceUser GuideGitHubNuGetDev CommunitySubmit a ticketLog In
GitHubNuGetDev CommunitySubmit a ticket

Field-level security by role

Describes how to restrict the access to various fields within the Admin Console in Optimizely Configured Commerce.

When necessary, it is possible to restrict the access to various fields within the Admin Console. This is managed by assigning Role attributes to fields in the Application Dictionary. Due to needing access to the Application Dictionary, this functionality is limited to the ISC_Admin and the ISC_System roles.

📘

Note

ISC_System is an Insite-only role and appears here for reference purposes only.

Prior to implementing field-level security, users must first be assigned to the roles that will be restricted. These roles then are assigned as an attribute to the field that is to be restricted.

The following steps show how to assign users to Roles.

  1. Log into the Admin Console as user assigned to either the ISC_Admin or the ISC_System role.
  2. Assign all users whose access you would like to limit to the desired role:
    1. Go to Admin Console > Administration > Permissions > Users (Console Users in 4.3)
    2. Click Edit for the desired User.
    3. Within the Details tab in the Roles section , select the roles to assign to the user from the Available Roles list.
    4. Click Save.
    5. Repeat steps a - d for each user.

The following steps show how to secure access to specific fields based on Roles.

  1. Log into the Admin Console as a user assigned either the ISC_Admin or the ISC_System role.

  2. Go to Administrator > Application Dictionary.

  3. Search for the Entity, such as Customer, and click Edit .

  4. Click the Properties tab and click Edit for the property field you wish to more granularly control.

  5. Click the the Permissions tab:

  6. Click Edit for the Role Name that is to be modified.

  7. Using the radio buttons, modify the access to the role:

  8. Click Save.