User Visibility Rules for Restricted Content

   Journey Manager (JM) The transaction engine for the platform.  |    System Manager / DevOps  |  19.05 This feature was introduced in 19.05.

Manager implements rules to ensure that users of the Workspaces portal can't access restricted content, such as organizations, groups, users, forms, and form categories configurations. The rules are summarized below:

  1. A global user, with the global access enabled, will see all organizations, groups, users, forms, and form categories information, if they are assigned to the Workspaces portal.
  2. A user belonging to an organization without any form categories won't see any categories.
  3. A user belonging to many organizations will see all the categories associated with these organizations.
  4. A users without an organization won't see any organizations, groups, users, forms, and form categories information.
  5. A user can see organizations they are assigned to and should be part of the Workspaces portal.
  6. A user can see forms available to the organizations where the user has access to and is part of the Workspaces portal.
  7. A user can see users available to the organizations where the user has access to and is part of the Workspaces portal.

Manager also maintains a separate set of rules for restricting:

The Workspaces APIs use these rules to filter the category, form, group, org, user, and transaction query responses.

Next, learn more about user transaction security.