From ICIHelp8.2
Jump to: navigation, search
 
(18 intermediate revisions by 3 users not shown)
Line 2: Line 2:
 
= Managing Security Groups =
 
= Managing Security Groups =
  
== Search a Security Group  ==
+
A security group in ICI is a group of users that have privileged permissions to access and manage entities in ICI. These entities can include Agreements, Contract Types, Templates, Signatories, Teams, and so on. A security group can have no permission at all or have the rights to update or only view the entity details.
  
In ICM, you can search a security group for multiple reasons such as:
+
ICI allows you to:
  
*To know the details of the security groups.
+
*Search security groups  
*To edit security groups.
+
*Create a security group
 +
*View/edit a security group
 +
*Delete security groups  
  
You use multiple parameters to search the security groups.
+
Each of these operations are explained in the following sections.
  
Here is the process to search for a security group.
+
== Default Security Groups ==
  
In ICM, you can use various options given below, including the dynamic search feature, to find the desired security group.
+
*'''Default''': This is the only seeded security group available in ICI when an instance is deployed for the first time. All users in the instance are part of this default group.
 +
<div class="image-green-border">[[File:Default security group.png|720px]]</div>
 +
Apart from this, as many security groups as required can be created on an instance. For example “External Users with Login”, “Legal Group”, “Extended Security Group” and so on for the respective user types.
  
1.&nbsp;'''Click''' the ''Security Group'''''&nbsp;'''on the ''User Administration'' page. The ''Security Groups'' page opens.
+
== Search a Security Group&nbsp; ==
<div class="image-green-border">[[File:Search Security Group 7.8.PNG|720px|RTENOTITLE]]</div>
+
2.&nbsp; Search for a specific security group by using any of the following options:
+
  
*&nbsp;'''Click''' the ''Select Field'' list under ''Search For'', and then select an appropriate item. Search results relevant to that item are displayed with a number in bracket.<br/> The number denotes the number of security groups that meet the search criteria.
+
In ICI, you can search security groups to view security groups and view details of each group individually. You can use various options, including the dynamic search feature, multiple filters and custom keywords to search the desired security group.
*'''Click''' the ''box'' to select specific item. A list of security groups relevant to the item is displayed.  
+
*'''Type''' relevant keyword in the ''Custom Keyword'' box, and '''click''' ''Apply&nbsp;''to narrow your search further.  
+
  
Alternatively, '''type '''the keywords in the box provided. A list of relevant security groups is displayed.<br/> <br/> '''Enhancing your search'''<br/> You can further narrow your search by using any of the following methods:
+
To search Security Group, do the following:
  
 +
1.&nbsp;'''Click'''&nbsp;the “Admin” > “Security Groups” on the “Home” page. The Security Groups index page appears.
 +
<div class="image-green-border">[[File:8.0-Managing-Security-Groups-Menu1.png|750px|8.0-Managing-Security-Groups-Menu1.png]]</div>
 +
2.&nbsp; On the Security Groups index page, you can search for a specific security group using any of the following options:
 +
 +
*&nbsp;'''Click''' the Select Field list under Search For, and then select an appropriate item. Search results relevant to that item are displayed with a number in the bracket.<br/> The number denotes the number of security groups that meet the search criteria.
 +
*'''Click''' the box to select a specific item. A list of security groups relevant to the item is displayed.
 +
*'''Type''' relevant keywords in the Custom Keyword box and '''click''' Apply&nbsp;to narrow your search further.
 +
 +
Alternatively, '''type '''the keywords in the box provided. A list of relevant security groups is displayed.
 +
<div class="image-green-border">[[File:Default security group 2.png|720px]]<br/> <br/> '''Enhancing your search'''<br/> You can further narrow your search by using any of the following methods:</div>
 
{|
 
{|
 
|-
 
|-
Line 45: Line 55:
 
'''Viewing the saved search terms'''<br/> View your saved search terms with the following:
 
'''Viewing the saved search terms'''<br/> View your saved search terms with the following:
  
*In the More Searches box, select your saved search, and '''click'''&nbsp;the ''Add to Favorite''&nbsp;to mark the search term as favorite.  
+
*In the More Views dropdown, select your saved search, and&nbsp;click&nbsp;the Add to Favorite&nbsp;to mark the search term as favorite.  
*You can find your marked favorites below the tiles.  
+
*You can find your marked favorites below the tiles. For example, “Security Groups for West Region".  
  
 
== Create a Security Group ==
 
== Create a Security Group ==
  
You can create a group of users and assign specific privileges to the group. You can provide access to various KPIs and reports.<br/> You can also grant view, manage privileges to various entities in ICM.
+
You can create a group of users and assign specific privileges to the group. You can provide access to various KPIs and reports.<br/> You can also grant view, manage privileges to various entities in ICI.
  
 
To create a Security group:
 
To create a Security group:
  
1. '''Click''' the ''Security Groups'' tile on the ''User Administration'' page. The ''Security Groups'' page appears.
+
1. '''Click''' the "Admin" > "Security Groups"&nbsp; on the "Home" page. The Security Groups page appears.
  
2. '''Click''' the ''Create Security Group'' tile. The ''Create Security Group'' page appears. Enter the information for the following in the ''Create Security'' page.
+
2. '''Click''' the "Create"&nbsp; tile. The Create Security Group page is displayed. The Create Security Group page is displayed. The page has the following tabs where you enter information required to create a security group:
 
+
3. The ''Create Security'' page consists of following tabs:
+
  
 
*Details  
 
*Details  
Line 66: Line 74:
 
*Privileges  
 
*Privileges  
 
*Verify  
 
*Verify  
 +
<div class="image-green-border">[[File:8.0-Managing-Security-Groups-Create1.png|520px|8.0-Managing-Security-Groups-Create1.png]]</div>
 +
3. The Details tab is open by default on the Create Security Group page. Enter the “Name” and “Description” details for the security group.
  
These tabs are explained here in detail:
+
4. Click Next. The KPI tab opens.
  
'''Details&nbsp;'''
+
5. The KPI tab displays a list of key performance indicators that are configured in ICI. You can select the KPIs that the security group can access based on the following options:
  
1. '''Enter''' the group related information in the ''Details'' page.
+
*'''View:''' the security group can view the respective KPI
 +
*'''None:''' the security group does not have access to the respective KPI
  
2. '''Type '''the name of the group in the ''Name'' box,.
+
6. Click&nbsp;Next. The Report tab opens.
  
3. '''Type '''a description for the group in the ''Description'' box.
+
7.&nbsp;&nbsp; &nbsp;The Report tab displays a list of platform (SQL Server Reporting Services based) as well as platform analytics (Power BI based) reports that are configured in ICI. You can select the reports of KPI that security group can access based on the following options:
  
4. '''Click '''''Next''. The ''KPI'' tab appears.
+
*Manage: the security group can open the report and take required actions&nbsp;  
<div class="image-green-border">[[File:Create security Group 7.8.PNG|560px|RTENOTITLE]]</div> <div class="image-green-border">&nbsp;</div> <div class="image-green-border">'''KPI'''</div>
+
*View: the security group can view report of the respective KPI  
Provide access to various Key Performance Indicators (KPI) for selected group on the ''KPI'' tab.
+
*None: the security group does not have access to report of the respective KPI  
  
The KPI column displays a list of various KPI's used in the system:
+
8.&nbsp;&nbsp; &nbsp;Click Next. The Users tab opens.<br/> 9.&nbsp;&nbsp; &nbsp;For a security group that you are newly creating, you can add users who can be a part of that security group.<br/> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;i.&nbsp;&nbsp; &nbsp;Click “Add User/User Group”. The Add User/User Group drawer opens.&nbsp;<br/> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;ii.&nbsp;&nbsp; &nbsp;Select the users/user group from the displayed list.<br/> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;iii.&nbsp;&nbsp; &nbsp;Click Add. The selected users are added to the Security Group.<br/> 10.&nbsp;&nbsp; &nbsp;Click Next. The Privileges tab opens.<br/> 11.&nbsp;&nbsp; &nbsp;The Privileges tab shows a list of privileges that the users in the security group can have access to. Privileges allows access to various ICI entities such as Agreements, Contract Types, Templates, Signatories, Teams, and so on.<br/> You can choose from the following actions:
  
*View- '''Click''' the radio button to allow the user to view the particular KPI feature.  
+
*Manage: the security group has complete read and write access to the entity. For example, if you select “Manage” for Clause entity then the users in the security group can access and make changes to the Clause.  
*None- '''Click''' the radio button to prevent the user to view the particular KPI feature.  
+
*View: the security group can only view details of the entity. For example, if you select “View” for Agreement entity then the users in the security group can view the Agreement details.&nbsp;
 +
*None: the security group does not have access to a particular entity.  
  
'''Click''' ''Next'' to go to ''Report'' page.
+
Note: For a list of privileges available in ICI, refer [[#_Privileges|Default Privileges of a Security Group]].&nbsp;
  
'''Report'''
+
<br/> 12.&nbsp;&nbsp; &nbsp;Click Next. The Verify tab opens.<br/> 13.&nbsp;&nbsp; &nbsp;Check the details entered or selected in each tab. Use the “Previous” and “Next” buttons to navigate between the tabs. After checking all the details, click “Save” to complete the security group creation process.&nbsp;
 
+
On the ''Report'' tab, you can provide access to various reports of the Key Performance Indicators (KPI) for selected group.
+
 
+
The Report tab consists of following columns:
+
 
+
*Reports- Displays a list of various KPI's used in the system.
+
 
+
*View- '''Click''' the radio button to allow the user to view the report of a particular ''KPI'' feature.
+
 
+
*None- '''Click''' the radio button to prevent the user to view the report of a particular ''KPI'' feature.
+
 
+
'''Click''' ''Next'', the ''Users'' page appears.
+
 
+
'''Users'''
+
 
+
On the ''Users'' tab, add users to the group as follows:
+
 
+
*'''Click'''&nbsp;the ''Add''&nbsp;icon, the Add User/ User Group screen pops up.
+
*'''Select''' a user from the user tiles. You can use scroll arrows&nbsp;to browse through the user tiles.
+
*'''Click''' ''Add''.
+
*'''Click''' ''Next''. The ''Privileges'' page appears.
+
 
+
'''Privileges'''
+
 
+
Use the ''Privileges'' tab to provide access to various entities like agreements, clauses, contract types etc. for the selected group.
+
 
+
The Privileges tab consists 4 columns:
+
 
+
*KPI- Displays a list of various KPI's used in the system.  
+
*Under ''Manage'', '''click''' the radio button to provide complete access to the user for a particular ''KPI'' feature.  
+
*Under ''View'', '''click''' the radio button to allow the user to only view a particular ''KPI'' feature.
+
*Under ''None'', '''click''' the radio button to inhibit the user to from accessing particular ''KPI'' feature. '''Click''' ''Next''. The ''Verify'' page appears.
+
 
+
'''Verify&nbsp;'''
+
 
+
'''Verify''' the details filled under each of the tab on the ''Verify'' tab. '''Click''' ''Previous'' to go back to respective tabs and '''click''' ''Save'' to create a Security Group.
+
 
+
The security group is saved.
+
 
+
&nbsp;
+
  
 
== Edit a Security Group&nbsp; ==
 
== Edit a Security Group&nbsp; ==
  
With ICM, you can create and edit security groups and provide privileges to the group members.
+
You can edit a security group to make changes and update the details of that security group.
 
+
To edit a security group:
+
 
+
1.&nbsp;'''Click''' the ''Security Groups'' tile on the ''User Administration'' page. The ''Security Groups'' page appears.
+
 
+
2.&nbsp;'''Click&nbsp;'''the ''View Record ''icon&nbsp;to edit a security group. The ''Security Group Details'' page appears.
+
 
+
3.&nbsp; The ''Security Group'' page appears. Enter the information for the following tabs in the page.
+
 
+
*Details
+
*KPI
+
*Report
+
*Users
+
*Privileges
+
 
+
'''Details&nbsp;'''
+
 
+
Enter the security group related information in the ''Details'' tab.
+
 
+
1.&nbsp;'''Type''' the name of the group in the ''Name'' box.
+
 
+
2.&nbsp;'''Type''' a description for the group In the ''Description'' box.
+
 
+
3.&nbsp;'''Click''' ''Next''. The ''KPI'' tab appears.
+
 
+
'''KPI tab'''
+
 
+
On the ''KPI'' tab, you can provide access to various Key Performance Indicators (KPIs) for selected users.
+
 
+
The KPI tab columns display a list of various KPIs used in the system.
+
 
+
1.&nbsp;'''Click''' the radio button under ''View'''''&nbsp;''',to allow the user to view a particular KPI.
+
 
+
2.&nbsp;'''Click''' the radio button under ''None'',&nbsp;to prevent the user from viewing the particular KPI.
+
 
+
3.&nbsp;'''Click''' ''Next''. The ''Report'' page appears.
+
 
+
'''Report&nbsp;'''
+
 
+
You can provide access to Key Performance Indicators (KPI) reports for the selected security group from the ''Report'' tab.
+
 
+
The Report tab consists of following&nbsp;columns:
+
 
+
1.&nbsp; Reports- Displays a list of reports.
+
 
+
2.&nbsp;'''Click''' the radio button under ''View''&nbsp;to allow the user to view the report of a particular ''KPI''.
+
 
+
3.&nbsp;'''Click''' the radio button under ''None''&nbsp;to prevent the user to view the report of a particular ''KPI''.
+
 
+
4.&nbsp;'''Click''' ''Next''. The ''Users'' page appears.
+
 
+
'''Users&nbsp;'''
+
 
+
On the Users tab, you can add users to the group:
+
 
+
1.&nbsp;'''Click'''&nbsp;the ''Add User'' icon. The ''Add User/ Distribution Group''&nbsp;window opens.
+
 
+
2.&nbsp;'''Select''' a user from the user tiles. You can use scroll arrows&nbsp;to browse through the user tiles.
+
 
+
3.&nbsp;'''Click''' ''Add''.
+
  
4.&nbsp;'''Click''' ''Next''. The ''Privileges'' page opens.
+
To edit a security group, do the following:
  
'''Privileges&nbsp;'''
+
1.&nbsp;'''Click'''&nbsp;the “Admin” > “Security Groups” on the “Home” page. The Security Groups page opens that displays a list of existing security groups.
  
Use the ''Privileges'' tab to grant access to various entities like agreements, clauses, contract types etc. for the selected security group.
+
2. Click “View Details” (eye icon or three dots icon) to open the details page of the required group.
  
The Privileges tab consists of following&nbsp;columns:
+
3. Click “Edit” on the details page. The Edit Security Group page opens.
  
1. Under Entity- Displays a list of entities used in the system.
+
4. Follow steps 3 through 13 explained in the “Create a Security Group” section to understand various tabs and related fields to do the relevant changes.
  
2.&nbsp;'''Click''' the radio button under ''Manage''&nbsp;to provide complete access to the user for a particular ''KPI'' feature.
+
'''Note: '''In the Users tab, you can see a “Remove” button under each user associated with the security group. Use the option to delete that user from the group.
  
3.&nbsp;'''Click''' the radio button under ''View''&nbsp;to allow the user to only view a particular ''KPI'' feature.
+
5. Click “Update” after required fields are updated.
<div class="image-green-border">[[File:Create Security group Privileges 7.8.PNG|720px|RTENOTITLE]]</div>
+
4.&nbsp;'''Click''' the radio button under ''None''&nbsp;to inhibit the user to from accessing particular ''KPI'' feature.
+
  
5.&nbsp;'''Click''' ''Next''. The ''Verify'' page appears.
+
== Delete a Security Group ==
  
'''Verify&nbsp;'''
+
To delete a security group, do the following:
  
'''Verify''' the details filled under each tab on the ''Verify'' tab.
+
1.&nbsp;'''Click'''&nbsp;the “Admin” > "Security Groups” on the "Home" page. The Security Groups page opens that displays a list of existing security groups.
  
1.&nbsp;'''Click''' ''Previous'' to go back to respective tabs.
+
2. Select the desired security group (you can select more than one group also), and then click “Delete”.
 +
<div class="image-green-border">[[File:Default security group 3.png|720px]]</div>
 +
3. A confirmation message popup is displayed. Click “Yes” to complete the deletion process.
  
2.&nbsp;'''Click''' ''Update'' to update(i.e. save the changes) the ''Security Group''.
+
== Default Privileges of a Security Group ==
  
Thus, you can modify the view and edit privileges allocated to a security group from Edit Security Groups.
+
Privileges are assigned in a security group based on the entities present in the ICI instance. Access can be given to various contract types (including agreement contract types), tiles, and so on.&nbsp;<br/> Access to various reports is also provided through Security Groups, where “View”, “Manage” or “None” access can be provided on the reports for that particular group. For example, only a security group having managers/approvers can be given access to the “Agreements Pending Approval” report.<br/> The number of security group privileges in ICI depends on the entities created on that instance and can vary. The default entities for which privileges are provided are:
  
&nbsp;
+
*'''Add/Remove Team''': Enables user to add a team to or remove a team from any entity record such as an agreement. Users can only be assigned “Manage” or “None” access.
 +
*'''Advanced Analytics''': Enables users to access advanced analytics functionalities such as viewing of analytics dashboards, creation of a new report and natural language data querying.&nbsp;  
 +
*'''Agreement''': Enables user to view or create and edit agreements as per the assigned privileges.
 +
*'''AI Studio''': Enables licensed users to access AI Studio apps and functionalities.&nbsp;
 +
*'''Alias Master''': Enables users with “View” access to view records and those with “Manage” access to create, edit or delete records.
 +
*'''Associated Document''': Enables users with “View” access to view associated documents and those with “Manage” access to create, edit or delete them.
 +
*'''Clause''': Enables user to view or create and edit clauses as per the assigned privileges.
 +
*'''Contract Request''': Enables user to view or create and edit contract requests as per the assigned privileges.
 +
*'''Contract Type''': Enables user to view or create and edit contract types as per the assigned privileges.
 +
*'''Cascade Team''': Enables users to view (use) or create and edit cascade teams as per the assigned privileges.
 +
*'''Default Search Column''': Displays the default search column on entity index pages.
 +
*'''Enable/Disable Team''': Enables user to enable or disable a created team of users, on the Details page for any record such as an agreement, request and so on. Only “Manage” or “None” access can be provided here.
 +
*'''Attributes''': Enables users to view (use) or create and edit attributes as per the assigned privileges.
 +
*'''Linkage Type Master''': Enables users to view or create and edit linkage types. Linkage types can be peer, parent-child as well as other user-defined linkage types.
 +
*'''Masterdata''': Enables user to view (use) or create and edit masterdata such as Country Masterdata, Vendor Masterdata and so on.
 +
*'''Promote Configuration''': Enables users to use or modify Promote Configurations (P2P) Tool for moving ICI configurations from source environment to target environment.
 +
*'''Rules''': Enables users to use or modify rules configured for various actions.
 +
*'''Self Service''': Enables users to use or modify self-serve configuration tools such as the Translations Editor, Search Sync, Configuration Key Editor, among others. Users can only be assigned “Manage” or “None” access.
 +
*'''Template''': Enables users to use or create and modify templates.
 +
*'''Admin Task''': Enables administrators to use or modify self-serve configuration tools such as the Search Sync, Legacy Upload, Data Management functionalities among others. Administrators have “Manage” access by default.
 +
*'''Bulk Action''': Enables administrators to take bulk actions to create multiple records such as users, agreements and so on.
  
&nbsp;
+
By default, only the privileges for Agreement and Admin Task are set to “Manage” for an administrator. All other privileges are set to “None” access. Only an administrator can edit the access privileges for the entities from “None” to “View”/“Manage”.<br/> <br/> Privileges can also be provided for other entities created across the instance such as any new agreement contract types, masterdata such as country or vendor masterdata, associated document contract types, cross-reference mappings for integrations, and so on. Hence, an environment may have several additional entity names along with the ones listed above.
  
'''Related Topics: '''[[Agreement_Management|Agreement Management]] |&nbsp;[[Managing_Organization|Managing Organization]] | [[Managing_Users|Managing Users]] | [[Managing_User_Groups|Managing User Groups]]&nbsp;| [[Application_Settings|Application Settings]] | [[Notification_Settings|Notification Settings]] | [[Currencies|Currencies]] | [[Reasons|Reasons]] | [[Deleting_an_Agreement|Deleting an Agreement]] | [[Search_Sync|Search Sync]] | [[Legacy_Upload|Legacy Upload]]&nbsp;|
+
'''Related Topics: '''[[Agreement_Management|Agreement Management]] |&nbsp;[[Managing_Organization|Managing Organization]] | [[Managing_Users|Managing Users]] | [[Managing_User_Groups|Managing User Groups]]&nbsp;| [[Application_Settings|Application Settings]] | [[Notification_Settings|Notification Settings]] | [[Currencies|Currencies]] | [[Reasons|Reasons]] | [[Search_Sync|Search Sync]] | [[Legacy_Upload|Legacy Upload]]&nbsp;|

Latest revision as of 05:20, 19 May 2022

Managing Security Groups

A security group in ICI is a group of users that have privileged permissions to access and manage entities in ICI. These entities can include Agreements, Contract Types, Templates, Signatories, Teams, and so on. A security group can have no permission at all or have the rights to update or only view the entity details.

ICI allows you to:

  • Search security groups
  • Create a security group
  • View/edit a security group
  • Delete security groups

Each of these operations are explained in the following sections.

Default Security Groups

  • Default: This is the only seeded security group available in ICI when an instance is deployed for the first time. All users in the instance are part of this default group.
Default security group.png

Apart from this, as many security groups as required can be created on an instance. For example “External Users with Login”, “Legal Group”, “Extended Security Group” and so on for the respective user types.

Search a Security Group 

In ICI, you can search security groups to view security groups and view details of each group individually. You can use various options, including the dynamic search feature, multiple filters and custom keywords to search the desired security group.

To search Security Group, do the following:

1. Click the “Admin” > “Security Groups” on the “Home” page. The Security Groups index page appears.

8.0-Managing-Security-Groups-Menu1.png

2.  On the Security Groups index page, you can search for a specific security group using any of the following options:

  •  Click the Select Field list under Search For, and then select an appropriate item. Search results relevant to that item are displayed with a number in the bracket.
    The number denotes the number of security groups that meet the search criteria.
  • Click the box to select a specific item. A list of security groups relevant to the item is displayed.
  • Type relevant keywords in the Custom Keyword box and click Apply to narrow your search further.

Alternatively, type the keywords in the box provided. A list of relevant security groups is displayed.

Default security group 2.png

Enhancing your search
You can further narrow your search by using any of the following methods:
Field Action
"..." Type the search term in double quotation marks.
It shows existing security groups that include the exact search term.
*...* Type the search term in star characters.
It shows existing security groups that include the exact search term.
*... Prefix * to the search term.
It shows existing security groups that end with this term.
...* Suffix * to the search term.
It shows existing security groups that start with this term.

Viewing the saved search terms
View your saved search terms with the following:

  • In the More Views dropdown, select your saved search, and click the Add to Favorite to mark the search term as favorite.
  • You can find your marked favorites below the tiles. For example, “Security Groups for West Region".

Create a Security Group

You can create a group of users and assign specific privileges to the group. You can provide access to various KPIs and reports.
You can also grant view, manage privileges to various entities in ICI.

To create a Security group:

1. Click the "Admin" > "Security Groups"  on the "Home" page. The Security Groups page appears.

2. Click the "Create"  tile. The Create Security Group page is displayed. The Create Security Group page is displayed. The page has the following tabs where you enter information required to create a security group:

  • Details
  • KPI
  • Report
  • Users
  • Privileges
  • Verify
8.0-Managing-Security-Groups-Create1.png

3. The Details tab is open by default on the Create Security Group page. Enter the “Name” and “Description” details for the security group.

4. Click Next. The KPI tab opens.

5. The KPI tab displays a list of key performance indicators that are configured in ICI. You can select the KPIs that the security group can access based on the following options:

  • View: the security group can view the respective KPI
  • None: the security group does not have access to the respective KPI

6. Click Next. The Report tab opens.

7.    The Report tab displays a list of platform (SQL Server Reporting Services based) as well as platform analytics (Power BI based) reports that are configured in ICI. You can select the reports of KPI that security group can access based on the following options:

  • Manage: the security group can open the report and take required actions 
  • View: the security group can view report of the respective KPI
  • None: the security group does not have access to report of the respective KPI

8.    Click Next. The Users tab opens.
9.    For a security group that you are newly creating, you can add users who can be a part of that security group.
                   i.    Click “Add User/User Group”. The Add User/User Group drawer opens. 
                   ii.    Select the users/user group from the displayed list.
                   iii.    Click Add. The selected users are added to the Security Group.
10.    Click Next. The Privileges tab opens.
11.    The Privileges tab shows a list of privileges that the users in the security group can have access to. Privileges allows access to various ICI entities such as Agreements, Contract Types, Templates, Signatories, Teams, and so on.
You can choose from the following actions:

  • Manage: the security group has complete read and write access to the entity. For example, if you select “Manage” for Clause entity then the users in the security group can access and make changes to the Clause.
  • View: the security group can only view details of the entity. For example, if you select “View” for Agreement entity then the users in the security group can view the Agreement details. 
  • None: the security group does not have access to a particular entity.

Note: For a list of privileges available in ICI, refer Default Privileges of a Security Group


12.    Click Next. The Verify tab opens.
13.    Check the details entered or selected in each tab. Use the “Previous” and “Next” buttons to navigate between the tabs. After checking all the details, click “Save” to complete the security group creation process. 

Edit a Security Group 

You can edit a security group to make changes and update the details of that security group.

To edit a security group, do the following:

1. Click the “Admin” > “Security Groups” on the “Home” page. The Security Groups page opens that displays a list of existing security groups.

2. Click “View Details” (eye icon or three dots icon) to open the details page of the required group.

3. Click “Edit” on the details page. The Edit Security Group page opens.

4. Follow steps 3 through 13 explained in the “Create a Security Group” section to understand various tabs and related fields to do the relevant changes.

Note: In the Users tab, you can see a “Remove” button under each user associated with the security group. Use the option to delete that user from the group.

5. Click “Update” after required fields are updated.

Delete a Security Group

To delete a security group, do the following:

1. Click the “Admin” > "Security Groups” on the "Home" page. The Security Groups page opens that displays a list of existing security groups.

2. Select the desired security group (you can select more than one group also), and then click “Delete”.

Default security group 3.png

3. A confirmation message popup is displayed. Click “Yes” to complete the deletion process.

Default Privileges of a Security Group

Privileges are assigned in a security group based on the entities present in the ICI instance. Access can be given to various contract types (including agreement contract types), tiles, and so on. 
Access to various reports is also provided through Security Groups, where “View”, “Manage” or “None” access can be provided on the reports for that particular group. For example, only a security group having managers/approvers can be given access to the “Agreements Pending Approval” report.
The number of security group privileges in ICI depends on the entities created on that instance and can vary. The default entities for which privileges are provided are:

  • Add/Remove Team: Enables user to add a team to or remove a team from any entity record such as an agreement. Users can only be assigned “Manage” or “None” access.
  • Advanced Analytics: Enables users to access advanced analytics functionalities such as viewing of analytics dashboards, creation of a new report and natural language data querying. 
  • Agreement: Enables user to view or create and edit agreements as per the assigned privileges.
  • AI Studio: Enables licensed users to access AI Studio apps and functionalities. 
  • Alias Master: Enables users with “View” access to view records and those with “Manage” access to create, edit or delete records.
  • Associated Document: Enables users with “View” access to view associated documents and those with “Manage” access to create, edit or delete them.
  • Clause: Enables user to view or create and edit clauses as per the assigned privileges.
  • Contract Request: Enables user to view or create and edit contract requests as per the assigned privileges.
  • Contract Type: Enables user to view or create and edit contract types as per the assigned privileges.
  • Cascade Team: Enables users to view (use) or create and edit cascade teams as per the assigned privileges.
  • Default Search Column: Displays the default search column on entity index pages.
  • Enable/Disable Team: Enables user to enable or disable a created team of users, on the Details page for any record such as an agreement, request and so on. Only “Manage” or “None” access can be provided here.
  • Attributes: Enables users to view (use) or create and edit attributes as per the assigned privileges.
  • Linkage Type Master: Enables users to view or create and edit linkage types. Linkage types can be peer, parent-child as well as other user-defined linkage types.
  • Masterdata: Enables user to view (use) or create and edit masterdata such as Country Masterdata, Vendor Masterdata and so on.
  • Promote Configuration: Enables users to use or modify Promote Configurations (P2P) Tool for moving ICI configurations from source environment to target environment.
  • Rules: Enables users to use or modify rules configured for various actions.
  • Self Service: Enables users to use or modify self-serve configuration tools such as the Translations Editor, Search Sync, Configuration Key Editor, among others. Users can only be assigned “Manage” or “None” access.
  • Template: Enables users to use or create and modify templates.
  • Admin Task: Enables administrators to use or modify self-serve configuration tools such as the Search Sync, Legacy Upload, Data Management functionalities among others. Administrators have “Manage” access by default.
  • Bulk Action: Enables administrators to take bulk actions to create multiple records such as users, agreements and so on.

By default, only the privileges for Agreement and Admin Task are set to “Manage” for an administrator. All other privileges are set to “None” access. Only an administrator can edit the access privileges for the entities from “None” to “View”/“Manage”.

Privileges can also be provided for other entities created across the instance such as any new agreement contract types, masterdata such as country or vendor masterdata, associated document contract types, cross-reference mappings for integrations, and so on. Hence, an environment may have several additional entity names along with the ones listed above.

Related Topics: Agreement ManagementManaging Organization | Managing Users | Managing User Groups | Application Settings | Notification Settings | Currencies | Reasons | Search Sync | Legacy Upload |