At the most basic level, Velixo is governed by the same access rights as Acumatica. So if you want to control access to various Velixo features, you can do so by controlling access to the screens used for those elements in Acumatica:

The first time you connect to a tenant, the system will prompt you to create the generic inquiries that are necessary to support Velixo Reports.

To do that, you need access to the Generic Inquiries page within Acumatica (or MYOB Advanced). At a minimum, a user would require DELETE access to that page.

If you do not have sufficient access to the Generic Inquiries page, an error will be displayed.

Once the inquiries have been created, you only need to have Read access to the VelixoReportsPro-*** inquiries (from the Hidden or Data Views section of the site map) to be able to use Velixo Reports.

Under typical circumstances, all Acumatica (or MYOB) users have access to all of the VelixoReportsPro-*** inquiries.

To verify the permissions, open Acumatica's Access Rights by Screen page (SM.20.10.20).

You then want to expand the area where the Velixo inquiries are listed. This area can vary, based on whether or not you are using Velixo Reports in Easy Start or Customization Mode, and your version of Acumatica.

When using Customization mode with an up-to-date version of the Acumatica Customization Project, you will want to expand the Velixo area. When using Easy Start Mode, you will want to expand the Data Views folder (or Hidden folder if you're using version 2019 R1 or earlier):

All the inquiries that Velixo Reports uses will have the prefix VelixoReportsPro-

(note: You may have other, custom Velixo inquiries. These will typically have the prefix Velixo)

Within that folder, scroll down to the data views that begin with VelixoReportPro-

When Not Set is assigned to all roles (as shown above), Acumatica will ALLOW every role to have access to the inquiry.

However, any change can affect all users

As soon as access rights are directly set for ANY role...

... Acumatica will DENY access to the inquiry for every other role which is configured for Not Set. (i.e., does not have an access right which has been explicitly configured).

In this situation, one of the following access rights MUST be set for any roles which require access to Velixo Reports: View Only, Edit, Insert, or Delete.

For additional information on access rights levels, refer to this Acumatica help article: Levels of Access Rights

As the name suggests, Restriction Groups provide the ability to restrict accounts, subaccounts projects, etc. on a user-by-user basis. Velixo Reports supports the user of Restriction Groups. More information about configuring this type of security can be found in the Acumatica Documentation.

Error 403 Forbidden while refreshing data