I am working on an integration where i want to restrict a user’s access to just the UD02 table. Is there way to setup a user to be denied everything except selected tables/process/fields?
restricting access to the menu is not suitable as with the rest api the user can bypass that ‘security’
Brett
Hi Brett,
You are absolutely correct about securing at the data model. Quick question: is this related to a web app you’re exposing to the Internet? If so, you might be able to do the security at the app level which makes calls to your Epicor data adding another layer of security in addition to Field Security.
Mark W.
This is for an internal .Net app to add data to Epicor.
Initially i hoped to use SSO but not all users are on the domain so its back to username/password for authentication. I am thinking to use a dedicated account in Epicor to control access but want to limit the powers of that account.
Brett
I have done this before…
I would use a group (ex UD02Denied" and add whomever user you whish does not have access .
In the load event of the form, read from wich group the user belongs too and if it belongs to the group “UD02Denied” show a message box and close the form afterwards!
Pierre