Configuring access rights in Acumatica
Created by Damien Zwillinger, Modified on Thu, 05 Oct 2023 at 05:50 PM by Gabriel Michaud
- Velixo NX
- Velixo Classic
- Acumatica, Cegid, MYOB
At the most basic level, Velixo is governed by the same access rights as Acumatica. So, if you want to control access to various Velixo features, you can do so by controlling access to the screens used for those elements in Acumatica:
Drilldown - Account Details and Project Transaction Details
GL Writeback - Journal Transactions
Budget Writeback - Budget
The first time you connect to a tenant, the system will prompt you to create the generic inquiries that are necessary to support Velixo.
To do that, you need access to the Generic Inquiries page within Acumatica (or MYOB Advanced). At a minimum, a user would require DELETE access to that page.
If you do not have sufficient access to the Generic Inquiries page, an error will be displayed.
Once the inquiries have been created, you only need to have Read access to the VelixoReportsPro-*** inquiries (from the Hidden or Data Views section of the site map) to be able to use Velixo.
Under typical circumstances, all Acumatica (or MYOB/CEGID/etc.) users have access to all of the VelixoReportsPro-*** inquiries.
To verify the permissions, open Acumatica's Access Rights by Screen page (SM.20.10.20).
You then want to expand the area where the Velixo inquiries are listed. This area can vary, based on whether or not you are using Velixo in Easy Start or Customization Mode, and your version of Acumatica.
When using Customization mode with an up-to-date version of the Acumatica Customization Project, you will want to expand the Velixo area.
When using Easy Start Mode, you will want to expand the Data Views folder (or Hidden folder if you're using version 2019 R1 or earlier):
Within that folder, scroll down to the data views that begin with VelixoReportPro-
When Not Set is assigned to all roles (as shown above), Acumatica will ALLOW every role to have access to the inquiry.
However, any change can affect all users.
As soon as access rights are directly set for ANY role...
... Acumatica will DENY access to the inquiry for every other role which is configured for Not Set. (i.e., does not have an access right which has been explicitly configured).
In this situation, one of the following access rights MUST be set for any roles which require access to Velixo: View Only, Edit, Insert, or Delete.
For additional information on access rights levels, refer to this Acumatica help article: Levels of Access Rights
As the name suggests, Restriction Groups provide the ability to restrict accounts, subaccounts projects, etc. on a user-by-user basis. Velixo supports the use of Restriction Groups. More information about configuring this type of security can be found in the Acumatica Documentation.
Error 403 Forbidden while refreshing data