User Access Center
User Access Center | Product Documentation
To streamline the process of managing access control throughout the CareATC Platform, a new application (User Access Center) has been added to the portal. With this tool, you can:
- Add / remove users from Global and Restricted Roles
- Modify the Roles that have access to a given Securable
- Set and update the allowed Permission Types for each Role within a Securable
Global vs Restricted Roles
A Restricted Role is a type of Role that has limited access to certain types of data within the pages that are accessible to that Role. Typically, Restricted Roles are used when external (non-CareATC) users need to access certain pages / apps, but the data they should have access to needs to be limited in some way.
A Global Role is a type of Role that has no restrictions on the data that is displayed on any of the pages that users in that Role can access. Global Roles are typically used for internal (CareATC staff) users who should have full access to the various pages / apps that are available to that Role.
The specific type applied to each Role is listed in User Access Center under the Access Level column on the Roles page, as shown below:
Adding / Removing Users Within Global Roles
To add a new user to a specific Global Role, navigate to the Roles page within User Access Center by going to the sidebar menu and selecting System Admin > Access Controls > Roles. From there, find the Global Role you wish to edit and click Edit Role.
On the Edit Role page, find the user you would like to add to the Role under the All Users list on the left side of the page. Use the Division and Name filters to help narrow your results. Once you find the user you would like to add in the All Users list, click the user’s name to move them to the Selected Users list.
Repeat as necessary to add multiple users to the selected Role.
Similarly, you can remove a user from this Role by searching for their name under the Selected Users list on the right side of the page. Click the user you would like to remove to move them from the Selected Users list to the All Users list.
Once you have added / removed all the necessary users for this Role, click the Save Role button at the bottom of the page to commit your changes. You should receive a success notification in the bottom right corner of your screen when the Role has been successfully updated to include each user represented in the Selected Users list.
Adding / Removing Users Within Restricted Roles
To add a new user to a specific Restricted Role, navigate to the Roles page within User Access Center by going to the sidebar menu and selecting System Admin > Access Controls > Roles. From there, find the Restricted Role you wish to edit and click Edit Role.
On the Edit Role page for the Restricted Role you have selected, find the user you would like to add to the Role in the All Users list and click their name to move them to the Selected Users list. Since Restricted Roles are designed to limit the amount of data members of this Role can view, we need to configure the allowed Divisions that each user in the Selected Users list can access respective to this Role. Once the user you are adding is in the Selected Users list, click the 0 Divisions link below their name as shown below:
After clicking this link, you will be presented with a drop-down list of all Divisions. Select the specific Divisions that this user can access within any page governed by this Role.
Click the Confirm button once you have selected the specific Divisions this user can access. You should see the Division Count below the user’s name has been updated to include the Divisions that have been confirmed in the previous step – as shown above.
To remove a user from a Restricted Role, click the red X icon next to their name in the Selected Users list to move them back to the All Users list. Finally, click the Save Role button at the bottom of the page to commit all changes that have been made to the Selected Users list.
To confirm your changes were applied successfully, you can impersonate any user by navigating to Member Search and finding the user you are looking for. Click the magnifying glass icon to navigate to the User Details page. Next, click the Impersonate User button to login as that user. Verify they are only able to access data for the Divisions they have been granted access for within User Access Center.
Note that you will need to logout of the impersonated user’s account before making any additional changes under your own account.