Overview of Request Security

This section addresses the data and process security related to creating and processing requests in Demand Management. Demand Management lets you control who can participate in request resolution. You can restrict user participation based on the following:

• Request creation

  • Who can create requests

  • Who can use a specific workflow

  • Who can use specific request types

• Request processing

  • Who can act on each step in the workflow

    For this restriction, enable access by specifying users or security groups. Access can also be provided dynamically by having a token resolve to provide access.

  • Who can view or edit certain fields in a request

    For this restriction, enable view or edit access to request fields by specifying users or security groups. You can also have a token resolve to provide access dynamically.

• Managing request resolution

  • Who can change the workflow

  • Who can change each request type

Configuring this data and process security often involves setting the following:

• Licenses

• Access grants

• Request type settings on the User Access tab

• Field-level settings set in the Field definition window