Hi everyone.
Is there a way to create an operator that doesn't have access to web console particularly /view/campaign or /view/home but has an access to a web application i.e. https://<campaign instance url>/webApp/<web app name>?
Based on documentation, we can forbid an operator to access to the rich client:
However, I can't find any to forbid web console access.
Is this possible?
Any help is greatly appreciated.
Solved! Go to Solution.
Yes, It is not possible to restrict access to view/home if the operator has at least some basic rights (like belongs to some group). However, If the operator does not have read access to a folder, where campaign actually exists, one will not be able to see it anywhere. Same goes for workflows, deliveries and any other records.
I have operators, who can access only designated folders and have only read-only access to them for monitoring purpose.
So it is possible to store web-app to a special folder, restrict operator access only to that folder and in theory, it should be secure.
Please check out this link: Access management
Hi
The Rich Client is the console. If you forbid the access to it, the operator will not be able to login to the console only. But one will be able to login to web app or perform a SOAP calls, if one have right permissions.
Hi DimaKudryavtsev
Yeah...that setting is to forbid access on the rich client console. How about forbid an operator to access the web console but still can access a web app? Is that possible?
Views
Replies
Total Likes
Not to my knowledge.
Can you just restrict operator access to all folders apart of web app folder? You can see what folder access operator has in Audit -> Folder Rights
To make it easy, create operator group, that have required level of access and make the operator be a part of this group and make sure one does not have any access outside of the group access.
Hi ,
Disabling rich client access option will restrict user to log in via
https://<your Adobe Campaign server>:<port number>/nl/jsp/logon.jsp
but user will be able to Log in using below link
https://<your Adobe Campaign server>:<port number>/view/home
Now options we have to avoid access other modules
A) Based on access rights user can be restricted to view any modules except Web module .
B) If you already published your WebApp shared the link of your WebApp with the user and disable the rich client option by this user will only be able to view WEBAPP.
Hope this helps !
Thanks,
Kapil
Hi Kapil.
Apologies as I am kind of new to access management in Adobe Campaign.
May I ask what access rights to assigned to a user to restrict view of any modules except web module?
And will that restrict the user in accessing /view/home?
Thanks.
Views
Replies
Total Likes
Hi DimaKudryavtse
It's actually client's requirement to disable the /view/home of the web console to a specific operator.
Not sure if this is possible since web app are accessed via web console (like reports) and yet they wanted to disable this for a specific operator.
Views
Replies
Total Likes
Yes, It is not possible to restrict access to view/home if the operator has at least some basic rights (like belongs to some group). However, If the operator does not have read access to a folder, where campaign actually exists, one will not be able to see it anywhere. Same goes for workflows, deliveries and any other records.
I have operators, who can access only designated folders and have only read-only access to them for monitoring purpose.
So it is possible to store web-app to a special folder, restrict operator access only to that folder and in theory, it should be secure.
Please check out this link: Access management