Sigma enables you to assign different roles for the maker, checker and viewer users of an implementation team, thereby enabling the listed maker, checker and viewer users to be assigned with the appropriate accessible roles based on their entitlements. On accessing Sigma Studio, the maker, checker and viewer users can respectively create, approve and view the various Studio components to which they are entitled and it is essential that the approval flow should be initiated, so as to enable the approval privileges for the checker user.
For the Studio Application, integrated with the Intellect ARX authentication system, it is essential that you must have already created the user roles for the maker, checker and viewer implementation users in the Intellect ARX authentication system portal. When you create the maker, checker and viewer implementation users in Intellect ARX, ensure that you select the appropriate User Type, Sub-Type, Entity and Role in the User Creation screen for the implementation users. For instance, if you create an implementation maker user, it is essential that the User Type should be selected as Bank User, whereas the Sub-Type should be chosen as Functional User and the Entity should be selected as STUDIO, while the Role must be selected as IMT-OFFICE-MAKER in the User Creation screen on the Intellect ARX authentication system portal. Similarly for the implementation checker and viewer user roles, the User Type, Sub-Type and Entity remain the same as the implementation maker user, but the Role must be selected as IMT-OFFICE-CHECKER and IMT-OFFICE-VIEWER respectively.
Once the implementation user is created, the appropriate access controls should be provided to the implementation user. Ensure that the Role is selected as IMT-OFFICE-MAKER, IMT-OFFICE-CHECKER and IMT-OFFICE-VIEWER for the maker, checker and viewer implementation users in the Access Controls screen when providing the access controls to the implementation users on the Intellect ARX authentication system portal. The System Administrator will approve the user details and the access controls provided to the implementation users assigned with different user roles on the Intellect ARX authentication system portal. Once the implementation users with specific user roles are created in Intellect ARX, ensure that you provide appropriate entries in the CT_REQ_MDLR_AUTHFLOW table on the Studio schema. Apart from reports, the implementation maker, checker and viewer users can respectively create, approve and view connections, data sources, data source aggregators, roles or entitlements, apps, notification templates, report criteria and report groups based on the provided entitlements and user roles in Sigma Studio. The implementation maker, checker and viewer users will be able to access only the Sigma Studio Application.
You can even create a standard implementation user in the Intellect ARX authentication system without assigning the checker and viewer roles, thereby ensuring that no approval flow gets involved. To create a standard implementation user in the Intellect ARX authentication system, ensure that you select the relevant User Type, Sub-Type, Entity and Role in the User Creation screen for the standard implementation user. For the standard implementation user, it is essential that the User Type should be selected as Bank User, whereas the Sub-Type should be chosen as Functional User and the Entity should be selected as STUDIO, while the Role must be selected as IMT-OFFICE-MAKER in the User Creation screen on the Intellect ARX authentication system portal. It is necessary that you select the Role as IMT-OFFICE-MAKER in the Access Controls screen when providing the access controls to the standard implementation user on the Intellect ARX authentication system portal. The standard implementation user can create notification templates, apps, reports and report groups based on the provided entitlements and user roles in Sigma Studio. The standard implementation user will be able to access only the Sigma Studio Application.
Perform the following step on the Studio schema:
- In the CT_REQ_MDLR_AUTHFLOW table, change the type of authentication from noauth to foureye or sixeye and make changes to the AUTH_FLOW column accordingly. A sample entry is provided as follows:
TABLE COLUMN | VALUES |
GCIF | CTSTUD2014ENTL |
FLOW_CTRL_ID | 005 |
PRODUCT | VISUALIZATION |
SUB_PRODUCT | REPORTS |
CHANNEL_ID | 3 |
APPLICATION_ID | CTSTUDIO |
DEFAULT_IND | Y |
EVAL_CONDITION | { condition : [ { id : equals , field : $context.authflow value : true } ] } |
EVAL_ORDER | 1 |
STOP_PROCESS_IND | FALSE |
RESPECT_HIER_IND | FALSE |
TYPE | foureye |
AUTH_FLOW | { authflow : [ { tier : [ { type : INTEGER, min : 10, max : 100, workflow : { type : foureye , flow : { completed : false } } }, { type : INTEGER, min : 100, max : 1000, workflow : { type : sixeye , flow : { completed : false } } }, { type : INTEGER, min : 1000, max : 10000, workflow : { type : tree , flow : { condition : OR , completed : false, flow : [ { role : A , count : 1, completed : false }, { role : B , count : 2, completed : false }, { role : D , count : 1, completed : false }, ] }, { completed : false, flow : [ { role : A , count : 1, completed : false }, { role : C , count : 1, completed : false }, { role : D, count : 1, completed : false } ] }, { completed : false, flow : [ { role : X , count : 1, completed : false }, { role : Y , count : 1, completed : false } ] }, { role : E , count : 1, completed : false }
]
}
}
}
] } ] } |
Refer the following pages for detailed information on the usage of implementation maker, checker and viewer user roles in Sigma Studio:
0 Comments