Posted: 17 Oct 2019 17:33 EDT Last activity: 13 Nov 2019 16:30 EST
Switching apps from the portal doesn't get you the right privileges
Hi. I've noticed at a CPM healthcare site that if a person has two applications they can switch from the user portal, that when the switch, the don't get the same privileges as if they signed into that second app directly. For example, users that have an Admin or Supervisor role as a default, switches apps from the portal to the CSR app. They are missing some privileges that they would have if they sign onto the CSR app directly. If we change their default app in the OperatorID to the CSR app, they have the right privileges.
Is this working as designed? Or is there a workaround?
I had thought I saw an SR for this, but I could not find it; I'll give a place to start searching here.
On the pxThread page on the clipboard will be the security snapshot, and part of this snapshot will be a list of the various roles that are currently enabled for this user's thread. I'm guessing that depending upon whether or not you switch aps, or log in directly to the ap, you end up with different roles. You should confirm this -- it is probably the lack of a certain role which results in the lack of the privilege.
So if you lack the role in one instance but not the other, do you have the same access groups in both cases, or do you have different?
Once you gather up all the data, you'll have to decide if the ap switch is correct, even though different roles are not assigned. After all, if you think about it, there is a conceptual difference between logging in as user A on Application Alpha, and then switch to Application Beta as user A, or just logging in directly as user A to Application Beta. It is the fact that you refer to both "users" as "user A", but there is no implicit or explicit statement that the two "user A's" are exactly identical. We gave them the same name because loosely they are, but that equivalence does not seem to go all the way down to the last measurable item.