Assigning and removing a role from a user or group

After role templates are created, you can assign one or more roles to groups and users on a security context point within a business entity security domain.

About this task

If your organization has many security context points, you can filter on the name of a security context point to reduce the scope of the items listed.

You can assign a role to a user or group. Alternatively for users, you can assign roles from the user account. For more information, see Modifying user accounts.

When you revoke a role from a user or group, the role assignment is explicitly removed from the user or group on a given entity.

Disassociating users from a security domain group does not result in removal of their role assignments on that entity.

You can revoke a role assignment from a user or group from the Role Assignments tab of the business entity security domain group page. Alternatively for a user, you can remove roles from the user account. For more information, see Modifying user accounts.

1. Click > Users and Security > Domains & Groups.
2. Click Domains.
3. Click the name of the security domain group to which you want to add a role assignment for a user.
4. On the selected security domain group, go to the Role Assignments section.
5. Click Add.
6. In User/Group, find and select each group or user that you want to add.
7. In Role Type, select a security point. If only one security point (such as Business Entity) is defined for your system, this is the only value in the list.
8. Select a Role Template.
9. Click Choose next to Security Domain.
   1. A list of security points is displayed. Expand the folder if needed.
   2. Select one or more security context points from the list.
   3. Click Done.
10. Click Add.
11. To remove a role assignment, go to the Role Assignments section. Select the user/group with a check mark and click Remove.