Managing Finance Automation Users and Roles
Introduction
Use of the Redwood Server cloud based process automation service is strictly controlled, with userid and password credentials required to gain access to a customer account. Different types of user and role further control the functions available. This document provides an overview of the different user types and roles provided by Redwood Server.
User Types
Redwood Server users will be one of two types: Administrator or User, as described below.
Administrator
Each Redwood Server account is created with an initial user enabling the account to be accessed and used. This user will be the designated Account Administrator for the customer. Depending on the level of service, this user has the authority to create additional users through the Users tab in the Redwood Server website and to determine their user type. Users created as Administrator are given the same level of access as the original Account Administrator. These users can create, edit and delete users, can access billing information, can edit aspects of the environment and create custom roles.
It is recommended that customers create at least one additional Administrator user in their account to provide cover should the primary Account Administrator be unavailable.
User
Users of the type User are not able to make any changes in the Redwood Server account area. They cannot access the Users tab or any of the functions associated with it and do not see any billing information. These users can only see the main dashboard. They can click on the Connect buttons for the environment(s) to which they have been given access, but have no administration capabilities regarding the Redwood Server account itself.
Standard Roles
The following standard roles are provided with Redwood Server:
Core roles (always required):
scheduler-administrator- can perform all actions.scheduler-bae-only-user- indicates that the user account is restricted to logging in via the SAP Inbound interface, only.scheduler-isolation-administrator- can import and modify users.scheduler-screen-reader- indicates that you are using a screen reader.scheduler-user- has access to Redwood Server only, cannot see any objects (always required, even for administrators).scheduler-viewer- read only access to all objects.
The user access roles are bound to features that require a specific license key:
scheduler-business-user- can access the business-user-centric user interface.scheduler-it-user- can access the it-user-centric user interface.
Predefined roles (optional):
scheduler-event-operator- can raise and clear events, as well as all privileges assigned toscheduler-viewer.scheduler-job-administrator- can create/edit/delete event definitions, process definitions, and chain definitions and modify both processes, and chains, as well as all privileges assigned toscheduler-event-operator.
note
If you get an HTTP error 403 - Access Denied after logging in, your user may be lacking the scheduler-user role.
Fine-grained security is available inside Redwood Server.
Finding Users
You can search for users using filters and the Search Users box on the Users tab. This box is known as the IntelliSearch box and located under your username on the top right-hand side of the user interface. Filters allow you to specify a list of objects with static criteria. IntelliSearch allows you to specify complex queries in a simple way using prefixes. Prefixes are used to specify which property you are searching in and have short as well as long syntaxes. For example, if you want to display all users with the term user in the comment, you would use the search criteria as follows:
c:PR1
You can search more than one property, as follows:
c:PR1 n:JV
note
No spaces should be entered before or after the colon (:).
See the Advanced Object Search for more information.
The following table illustrates the available prefixes for queues:
| Prefixes | Description |
|---|---|
| n, name | searches the name property |
| c, comment | searches the documentation property |
| d, description | searches the description property |
| a, application | searches the application property |
| cb, changedbefore | (internal) search for documents that changed before a certain ISO-8601 period |
| searches the email property |
financeTopic
onsiteTopic