You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Restrict account access solely to generating pre-defined Extract files

in Enterprise Data Management 2 comments

Summary:

We need to allow an account to generate dimension Extracts from a specific application, but otherwise have read-only access to the system.

The account's only purpose is using REST API jobs to run pre-defined Dimension Extracts, and download the resulting files to an external system. However, it appears that only System Admin accounts can be granted the ability to run Extracts: even after granting all EDM Roles and Participant status on the Application to a User-level account, it still did not have Extract access.

Given the access level of System Admin accounts, the security risk here is HUGE, when all that's needed is a single capability, without any ability to change the environment's configuration or contents.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!