You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Restrict Access to User Provisioning when Managing Roles

in Applications Security 6 comments

Summary:

When managing roles, it is possible to provision access to users even without the Edit User Account privilege. How can the Users train stop or the Add User button be restricted when managing roles?

Content (required):

The ability to manage roles and provision roles to users is not properly segregated in the system. It is still possible to grant roles to users via the Users train stop when editing a security role.

How can access to user provisioning on this page be restricted? I'd be interested to know if anyone has found a workaround for this system limitation.

Steps to replicate:

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!