Skip to main content
Skip table of contents

User Authentication Process


The process of authentication into the Web Portal starts with one of the following scenarios:

  1. By entering a username and password combination into the login page, or
  2. By supplying a valid token using the Token Authentication System

The system checks if a regular user or token-based user has signed in and is accessing the portal (an example of a token-based user is a new employee being onboarded receiving a token to access the onboarding package). If a token ID is present, the token is verified using the Token Authentication System and an employee number and role code are returned from the valid token. From here, the employee number and role code are used for the security module as if a regular user has been authenticated and signed in.

The system performs additional checks to determine if the user has an assignment with role based on the category or position code or has a role override in Security Builder and based on the information returned determines whether the user will access the system based on a role or an override.

There are areas where the role could be applied based on the employee's assignment, but for some reason might need to be overridden for certain individuals. Currently, a Menu Builder Override would not accomplish this, so the Security Builder Role Override would be required.

Examples of security provisions based on role that might require a Security Builder Role Override to still be in place:

  • eDocs is the SMS Document Security Code is based on Role
  • Dashboards assigned by Role
  • GL Security applied to a Role
  • RW Reports for all products, secured by Role

In the case of provisioning based on the employee's Role, Security Builder overrides the Assigned Role, as it always has.

Important: The calculation of a Role and its priority is the same as in previous releases and remains unchanged. The main thing to note is that the Menu Builder process gets called after the login process has completed. If a user has a Menu Override (meaning, the user has a record in Menu Builder and is assigned a role or roles in Menu Builder) the menu items for these roles will be seen instead of those from the Security Role determined at login. If the user does not have a Menu Override present in Menu Builder, the Role code calculated during the login process is used to generate the menu.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close