Is there a way to create an operator that doesn't have access to web console particularly /view/campaign or /view/home but has an access to a web application i.e. https://<campaign instance url>/webApp/<web app name>?
Based on documentation, we can forbid an operator to access to the rich client:
However, I can't find any to forbid web console access.
Yes, It is not possible to restrict access to view/home if the operator has at least some basic rights (like belongs to some group). However, If the operator does not have read access to a folder, where campaign actually exists, one will not be able to see it anywhere. Same goes for workflows, deliveries and any other records.
I have operators, who can access only designated folders and have only read-only access to them for monitoring purpose.
So it is possible to store web-app to a special folder, restrict operator access only to that folder and in theory, it should be secure.
The Rich Client is the console. If you forbid the access to it, the operator will not be able to login to the console only. But one will be able to login to web app or perform a SOAP calls, if one have right permissions.
Hi DimaKudryavtse It's actually client's requirement to disable the /view/home of the web console to a specific operator. Not sure if this is possible since web app are accessed via web console (like reports) and yet they wanted to disable this for a specific operator.