Best Approach for Controlling Field Access in Read-Only Interface

Question

How can we allow certain users to view critical fields while restricting access for others, all within the same application and read-only interface? What&rsquo;s the best approach to achieve this?

Konduru Chaitanya · Answer

Hello sanjuktab2257 
 You could add these people to specific groups and use these groups to determine the visibility. You can call the a!isUserMemberOfGroup() against the loggedInUser in a local and use it in the ShowWhen parameter of your critical fields.

Andrew Hickingbotham · Answer

On top of this (and this may not apply in your situation) I would consider if the real thing you are restricting access to the data OR if it's something else such as a user experience thing where different personas or situations benefit from a different UI experience. 
 I mention this as if it's the data that needs to be controlled I would also add in record level security to ensure you only show the data to the right people. It's another layer (you would still want to have dynamic UI elements) but can be critical in certain situations such as protected data (personal identifying and health data for example). 
 https://docs.appian.com/suite/help/24.4/record-level-security.html

Mathieu Drouin · Answer

This is probably the most straightforward way. 
 If you want to achieve true row level security you could also isolate the sensitive fields in a separate Record Type and secure it with whatever group you choose. 
 This way, the security will apply anywhere the Record is queried (i.e. Process HQ).

Best Approach for Controlling Field Access in Read-Only Interface

Top Replies