Provision Request Manager - Access Issue

Question

Hi All,
PRM is used to assign access to the users (adding, removing, adding to groups etc)
However, we need a different team to handle the security provision without having access to any other components in OneStream.
It seems challenging to provide such group/user who can assign access without having Admin role.
Does 6.6 version fix this with the Security updates available in 6.6 or the Provision manager again needs to have the Admin role?
Or are there any APIs we can use to modify the users based on requests.

charris · Answer

Ramu,This is exactly what the "Manage System Security" role is for in 6.6. There is also a BRApi for security management, you can use to do all kinds of things, I've seen them in BRs attached to DM jobs that were started from REST API calls sent from an IT owned system for user management, you could also use a service account to add the DM to a task scheduler job and have it pull updates in from some external source.

RamuV · Answer

Thank you for the reply, Charris!I got the 6.6 installed now so will have a look into it and keep the community informed on how it goes.&nbsp;

DK_OS · Answer

Hi RamuV/ Charris.i too tried the BRAPI for access provsisioning. for ADD USER, UPDATE USER (add or remove groups), REVOKE USER.
all are working fine, but in the DASHBOARD --&gt;NAVIGATION CENTER--&gt; SECURITY AUDIT REPORTS --&gt; USER CHANGE AUDIT.
i cannot see the change line appearing in this report, executed by task scheduled for the DM (run by Business Rule.).is there a way to enable the time in this report. apart from this i see the audit data and time in TOTAL USERS, USER LIST reports.

Forum Discussion

Provision Request Manager - Access Issue

3 Replies

Related Content

Tax Provision Blueprint Instruction Guide - PV7.3.0 SV100

Is Tax Provision Upgradeable?

Provision user to access FileShare

Sample Reports - Tax Provision Blueprint Overview

What Types of Tax Provisioning Can Be Done