Roles: Details

Section

Field Type

Description

Role ID

Display

Unique system ID

Role

Display

Role name. Refer to Roles for a description of each roles function and access level.

Access Type

Display

Internal, external, portal or web-services. Internal denotes back-office users, External is for users outside your organisation who have restricted access and Portal applies to the franchise role.

Restrict Table

Display

External users may be restricted by certain tables, e.g. external fleet managers are restricted by the fm_clients table

Restrict Key

Display

Refers to the key within the restrict table, e.g. client_id

API Access

Display

This field is only checked for the role 'web_services'. This allows these users to authenticate with the API. Access to all other APIs is governed by the settings on the Roles / API tab.

Single Signon

Check Box

If you want to prevent users from using the Login screen to gain entry to the system, check this on. Do this if you are using the Generate a signon token API. If checked, the Change password button and screen are hidden in the Driver Portal.

Disable Passwords

Check Box

If you want to prevent users from using the Login screen to gain entry to the system, check this on. Do this if you are using the Log in with Microsoft Account feature. This checkbox is disabled for roles where it is not suitable; External and Portal roles continue to use the standard login method, The Web Services role can only access the system using an API, Catch-e staff use the standard login method and are required to use 2 Factor Authentication whenever they log in to your system.

Session Timeout

Drop List

Choose the time you want to allow users of this role to have an idle session before it times out. Once a session has timed out, the user will be navigated to the login screen and any locks held by the session are removed. This is defined in Days, Hours, Minutes and Seconds. Timeouts can range from 5 minutes to 2 days. An exception to this rule is the system role "fbt_declaration", which can have longer timeouts to support the Fbt Declaration Emailing process. Daylight Savings: If a timeout entered takes the 'Expires At' sample date over a daylight savings boundary, then it will be +/- 1 hour different to what you might expect. Normally this can be ignored, but if you are setting the expiry for a one off process such as the Fbt Declaration Emailing, you will need to add or subtract 1 hour to achieve the required timeout.

Field

Type

Description

Password Expiry Days

Number

Enter the days you want to default into the Users / Details "Password Expiry Days" field when creating a user record for this role. The expiry days are calculated by checking between the current system date and the date when the user's password was last changed in whole numbers.

Mandatory

Check Box

Check this if you want to require any user with this role to use 2 Factor Authentication. If left un-checked, users can choose to enrol, or remain un-enrolled.

Method

Drop List

Choose the method you want users to apply when enrolling for 2 Factor Authentication.

'User Chooses', 'Auth app', 'Sms' (if configured)

Salary Packaged Contracts

Check Box

When checked, users can see Salary Packaged contracts in the screens listed below. Un-check to hide Salary Packaged contracts. Contracts / Search, Order Management, Due Off Management. This field is checked by default. Access to this field can be role-restricted. This field name can be relabelled.

Unpost Exported Invoices

Check Box

If this field is checked, users can unpost exported invoices from the Billings / Billing Re-print screen or the Contracts / Lease tab. The 'admin' role has permission by default. You can update other roles to have this permission if desired.

Unpost Exported Receipts

Check Box

If this field is checked, users can unpost exported receipts in the Receipts / Allocate screen. By default, the 'admin' role has permission to do this. You can update other roles to have this permission if desired.