Security Privileges for Users and Groups

This topic describes various privileges that can be granted to users or groups. When the privileges granted to a user and a group are different, they combine according to a given set of rules. Learn more

Name	Description
Application Actions	Restricts actions that can be taken in individual applications.
Points	Restricts operations with real-time points. Use this tab to define permissions for the following actions: - Read: Access real-time point values through clients such as GraphWorX. - Write: Write values to writable points. You can also use the Write RegEx column for advanced filtering. - Browse: Browse points in the data browser during configuration.
Alarms	Restricts interactions with alarms managed by the GENESIS Alarm Server. Use GENESIS address space point syntax to refer to alarm sources. Available actions include: - Ack: Acknowledge active alarms. - View: View active alarms in clients such as the Alarm Viewer.
Files	Restricts file interactions in GENESIS clients, such as GraphWorX display files. Table entries require the full file path, including extensions. Wildcards are allowed (e.g., `.`). Available actions: - Read: Open files for reading. - Create: Create new files. - Modify: Save edited files.
Stations	Restricts system access from specific network nodes. Entries can be the node's Fully-Qualified Domain Name (FQDN) or system IP address.
Methods	Restricts the use of specific methods defined in the GENESIS address space. For example, to deny a user's ability to silence alarms, add "*\Silence" to the Deny section.
Assets	Restricts visualization and execution of assets in the GENESIS Assets database. Available actions: - Visualize: View assets in the Asset Navigator. - Execute: Perform commands defined on assets.
Favorites	Restricts interactions with items shown in Favorites lists. Available actions: - See: View items in Favorites. - Modify: Add or remove items from Favorites.
Charts Library	Restricts interactions with items in the Favorites list of the Charts Library. Available actions: - See: View charts in the library. - Modify: Add or remove charts from the library.
Reports	Restricts interactions with reports managed by GENESIS Reports. Available actions: - Download: Download generated reports. - Execute: Generate new reports. - Approve: Approve executed reports.
Transactions	Restricts interactions with transactions managed by GENESIS Bridging. Available actions: - Download: Download transaction logs. - Execute: Execute transactions.
Custom	Restricts usage of custom-defined strings. Most common usage of this functionality is for VBA Scripting. These scripts may use custom-defined strings as security tokens that are evaluated by the Security Server. Access to values within these strings can be restricted by putting their names in this table.
Map Control Credentials	Lists credentials required to access maps in the GraphWorX Map Control. Provide an identification Key for map provider connections. For detailed information, refer to your map provider's documentation (for example, Google API Keys).
Authorization	Manages user participation in single or double authentication for FDA-related operations such as audit logging and e-signatures. Available actions: - Performer: Provide an e-signature as a performer during single authentication or notify a verifier during double authentication. - Verifier: Approve changes proposed by a performer during double authentication.