Defining security privileges for Maximo Mobile role-based applications
Maximo® Mobile role-based applications such as Technician and Inspections are hybrid applications. These applications can work in a browser, in connected mode or through the mobile application which also supports offline mode. Each mobile application can have one or more settings and object structures that control access to mobile data.
| Security component | Overview | Example |
|---|---|---|
| Object structure | Role-based applications can rely on Maximo Asset Management and multiple object structures to send data and updates. Role-based applications use OSLC/REST calls to exchange data with Maximo Asset Management. You define the level of access to an object structure from the Object Structure tab of the Maximo Asset Management Security groups application. | When you are editing an asset, the MXAPIVENDOR object can provide a list of vendor companies in the application. READ access is the minimum required to view the list of vendor companies in the role-based application. |
| Object security | Maximo Asset Management does not have an object level security itself. It grants access to object structures which does not ensure that a user has access to the Maximo Asset Management application that owns the object. In the Application security tab of the Maximo Asset Management Security groups application, you can control the level of access to the application and its associated objects. | Maximo Asset Management Companies application must have READ access at minimum to allow the MXAPIVENDOR to access the COMPANIES object. |
| Application option | Some role-based applications provide the ability to determine what the end user can do. These permissions are determined by the object structure associated with a role-based application. User permissions are defined in the Security options section accessed from the Object Structure tab of the Maximo Asset Management Security groups application. | The Technician role-based application uses the MXAPIWODETAIL object structure. When you select MXAPIWODETAIL from the Object Structure tab, you can control multiple end user features, like status changes, actual reporting and more. |
Each application has a security group template. This template gives users the privileges that are needed by each role based application based on the security groups assigned to the user. You can use templates to grant all privileges needed by a role-based application. You can also use templates to view the options available to be configured. You can use the access the Manage/Apply security template option from the Applications tab of the Security Groups application. You can view the application and object structures required by the role-based application. You can grant everyone in a security group access to an application with the Apply Template option.