- Access Management in Apps
- Access Management for Resources
- Managing Access Rules
- Related Articles
In this article we will focus on how to give other users access to view your App. To fully understand the content, you should have basic knowledge of the available Access Rules within Apps, so for example the difference between Viewer and Builder. More information on that can be found in the respective User Management article. It is also helpful to have some knowledge about user Rights and Roles, but we also provide a small introduction here.
Last but not least, it is good to know what Viewer Licenses in ONE DATA mean.
As a prerequisite for granting users access to your App, it is necessary to gather them in a Group within ONE DATA.
Within the settings of the App Builder, you can also give single users access to the App, but for granting them access to resources in other Modules, they need to be in a Group.
To create a new Group, navigate to "Settings" (side bar on the left hand side, for example in the Use Cases Module).
Then, navigate to "Group Settings". In this overview, the already existing Groups are listed and on the left hand side, under "Group Actions", you can create new Groups.
It is possible to create two certain types of user Groups:
- Normal Groups (dedicated for Normal Users)
- Viewer Groups (dedicated for Users with Viewer License)
When clicking on of these options a dialog pops up, where you can specify the Group name and add users.
Note that: - It is not possible to mix user types in a Group. Viewer Groups can only contain users with Viewer License and normal ones only Normal Users. - You need to be Domain Administrator to create new Groups.
Access Management in Apps
First of all, it is necessary to grant the users access to your App in the Builder. This is necessary regardless of the user type to which you want to publish the App to. To do this, click the settings button on the upper left hand side of the App Editor.
There you can find the section "Publish in Viewer" where you can select the version of your App which you want to show in the Viewer and then toggle the switch to publish the App.
With this step, we made the App visible in the App Viewer globally / for the selected users. This is enough, if your App is standalone and does not rely on any resources from other ONE DATA Modules. But more often than not, this is not the case. Hence, the next section will explain the other necessary configuration steps.
Access Management for Resources
Before we dive into the topic, we need to categorize the type of ONE DATA Users you want to publish the App to. This is necessary as there are certain differences in configuration.
This is the distinction we need to make:
Publishing an App for Users with Viewer License
First of all, if you want to publish the App to Users with Viewer License, there are some limitations. As the User has just Viewer rights, it is not possible to execute Workflows/Production Lines with such accounts. So if your App implements this functionality, it is restricted.
To give a Viewer Group access to the resources of your App, navigate to Settings (side bar on the left hand side) and then to "Project Settings". There you will find a list of all Projects within your Domain.
Find the Project that contains the data table your App uses and click on the globe icon. In the dialog that opens, select the respective Viewer Group and choose "Extended Report Runner" as Viewer Role.
Now just click "Apply", and there you go, your App is successfully published and the Users in the selected Group are able to see the data.
Publishing an App for Normal Users
When publishing an App to Normal ONE DATA Users, the publish-procedure is a little bit different to the one for Users with Viewer License.
First, you need a respective Access Role configured. Depending on how your OD instance is set up, it is possible that you already have an Access Role that fits your needs. But that really depends on the individual use case.
If not, you can follow the steps on how to create the Access Role for our desired purpose in the dedicated section below.
Once you have the required Role, navigate to the Project that contains the resources for your App, and click the "Invite" Button in the Overview.
In the dialog that pops up, you can select your desired User Group and the respective Access Role.
Then just click "Apply" to save the access rights for the Project. Now your App is successfully published and can be viewed by the Users in the added Group.
Managing Access Rules
This section gives a small introduction on how to create/manage Access Rules in ONE DATA related to publishing an App to other Users. A full and more detailed description of the topic can be found in the article about Rights and Roles.
Note that you need to be Domain Administrator to configure Access Roles on your ONE DATA Instance.
First of all, navigate to the Rights Management section and create a new Role: Within "Use Cases", navigate to Settings (side bar on the left hand side) and then to "Rights Management". In there, you can click "Add New Role".
Now it is just necessary to specify to which resources the new Role should give access to. As an an example we create a Role, one that gives:
- READ access to Data Tables
- READ and EXECUTE access to Workflows
- READ rights to Workflow Jobs
Depending on your use case, this can be done analogous to any other resource in ONE DATA.