Tell us what you think

We want to create the best possible experience for our learners. Your feedback helps us to improve the experience for everyone.

Configuring Role-Based Permissions for self-service during implementation

Objectives

After completing this lesson, you will be able to:

Customize RBP for self-service access.
Update employee information by using manager self-service (MSS).

RBP for Employee Self-Service (ESS)

You previously learned about role-based permissions for administrators. In this lesson, you will learn how Employee Central uses RBP to manage Employee Self-Service and Manager Self-Service. Self-Service is built into Employee Central and is not an additional solution.

In the figure, RBP for Employee Self-Service, you can see an example of how this feature works. Employee Self-Service allows employees to initiate and complete transactions without HR tickets. For example, an employee can change their home phone number. RBP typically has three parts. In the figure, the granted population is all employees, the role is the permission to view and edit the phone number, and the target population is themselves.

Typical employee self-service options include:

Update marital status or name change
Update of home address information
Update of dependents information
Updated of emergency contact information

To navigate to Personal Information, click Home → My Employee File. Then, click the Public Profile drop-down menu and choose Personal Information.

Permissions control the level of access a user has over Employee Central blocks. In the figure, Employee Self-Service, Carla Grant can view the Personal Information section of the profile and has edit access to her Address and Personal Information blocks.

Note

Even if an employee has permission to change some of the information, approval could be configured as guardrails.

Employee Self-Service permission

Go to Manage Permission Roles to create or edit existing employee self-service roles.

Assume that we are setting the permission for users to have edit access to the Personal Information block:

To ensure the user can see the section where the block is configured, set the relevant People Profile section in the Employee Views first.
To see the block, select View Current or View History permission of the Personal Information Actions.
To enable the edit/pencil function, select the Edit/Insert of the Edit Link.
To edit field-level information, select the Edit/Insert of the relevant fields.
Do the same for any other effective-dated blocks to which you want users to have edit access.

Hint

Avoid giving users the Edit/Insert permission for the block actions to ensure users cannot bypass workflows when configured. Delete and Correct level permissions are reserved for select administrators only.

Exercise: Customize RBP for ESS

Business Example

ACE Corp wants to customize what employees can view and edit in their Personal Informationsection of the People Profile. You will adjust the permissions to fit their requirements.

Note

You must have completed Prepare an Instance (Unit 1) and Prepare the Data Models (Unit 2) exercises before completing this hands-on. This exercise activity is not required for completing succeeding hands-on exercises for this course.

Steps

Proxy as Larry Ye and test what changes Larry can perform on his personal information using the current self-service permissions.
1. Proxy as Larry Ye
2. Navigate to My Employee File → Personal Information
3. Verify if he can edit his National ID and Contact Information. Is he able to Insert a New Record in Personal Information history?

Go to Manage Permission Roles to update the Employee Self-Services role. Use the table to define the permissions required. Leave the other permissions as is.

RBP for ESS

Block	Field	Permissions
National ID	All	View/Edit
Contact Information	Email, Phone, Social Accounts	View/Edit
Contact Information	Business Email	View
Personal Information	First Name, Last Name, Gender, Marital Status	View Current/History

As an administrator, go to Manage Permission Roles using Action Search.
Select Edit in the Actions column of the Employee Self-Service role. Select next.
Search for the National Id field in Employee Data category. Set the permission to View and Edit.
Search for the First Name, Last Name, Gender and Marital Status fields in Personal Information of the Employee Central Effective Dated Entities category. Remove the Edit/Insert permission for the fields.
Select next and save.

Proxy as Larry Ye and verify that the ESS permissions are configured correctly. Does it match the desired permission/level of access?
1. Proxy as Larry Ye
2. Navigate to My Employee File → Personal Information.
3. Can you edit the National ID block?
4. What can you edit under Contact Information?
5. What fields can you edit in Personal Information?

RBP for Manager Self-Service

Manager Self-Service allows a manager to initiate transactions for their direct reports. These transactions are typically accompanied by workflows.

Typical manager self-service transactions may include:

Update employee job information
Update salary information
Initiate transfers

Manager Self-Service

The Actions button is the typical starting point for managers. A list of options appears here to initiate transactions for their employees. The manager selects the kind of change that is required and fills in the appropriate fields. In the figure, MSS, you can see examples of typical MSS options. Take Action menu is available in the employee’s profile or quick card.

Manager Self-Service permissions

Assume that we are setting the permission for managers to initiate changes to Job Information for their employees.

To ensure that the manager can see the section the block is configured, set the relevant People Profile section in the Employee Views first.
To see the block, select View Current or View History of the Job Information Actions.
To enable the Edit/pencil function, select the Edit/Insert of the Edit Link.
To edit field-level information, select the Edit/Insert of the relevant fields.
Do the same for any other effective-dated blocks to which you want users to have edit access.
To initiate the changes using Actions in People Profile, select Edit permission for Update Employment Records in Employee Data category, as indicated in the screenshot.

Hint

Avoid giving managers the Edit/Insert level permission for the block actions to ensure workflows cannot be bypassed when configured. Delete, and Correct level permissions are reserved for select administrators only.

Exercise: Customize and use Manager Self-Service (MSS)

Business Example

ACE Corp doesn't want their managers initiating changes to Job Information, Compensation Information and Job Relationships without approval. They want to apply the following restrictions to their manager permission role.

Managers must have view Current | History and Edit permissions to Job Info, Comp Info and Job Relationship (permission to fields and other blocks remain the same).
Managers must not have access to History → Insert New Record.

Note

Steps

Proxy as Carla Grant to verify the existing manager permissions.
1. Log in to your instance, proxy as Carla Grant.
2. Navigate to Marcus Hoff's profile.
3. Verify that Carla has the History Button → Insert New Record permission for Job Information, Job Relationships, and Comp Information.
4. Stop the proxy to become self.
Go to Manage Permission Role to update the Manager Permission role as requested by ACE Corp.
1. Go to Manage Permission Roles using Action Search.
2. Select Edit in the Actions column of the Manager role. Select next.
3. In the Employee Central Effective Dated Entities category, unselect the Edit/Insert permission for Job Information Actions, Compensation Information Actions, Job Relationship Actions. This will take away the manager's ability to use the Insert New Record in the history window.
4. Select next and save. Log out and Log back in.
Proxy as Carla Grant to test the adjusted permissions.
1. Proxy as Carla Grant.
2. Navigate to Marcus Hoff's profile and verify that Carla has no Insert New Record permission for Job Information, Job Relationships, and Compensation Information.

Next lesson