Effective Permissions Investigation Console (EPIC)

Effective Permissions Investigation Console (EPIC) provides a way for system administrators to determine user access for an individual record.

System administrators, content administrators, and users with permission to use EPIC can launch EPIC from any record and view the access rights and permissions for selected users. System administrators can also access EPIC from the Administration menu. EPIC enables system administrators and users with EPIC permission to implement a consistent access control design across Archer and to troubleshoot access control and permissions issues.

On this page

Permissions Information about Each Selected User

  • Basic user information. Displays User ID, user name, user activity status, and an indication of whether the user is assigned to the System Administrator or content administrator roles. Inactive and locked users have information grayed out unless active view is selected.
  • Module. Displays overall Create, Read, Update, and Delete module permissions and the access roles that provide access to the record. A check mark indicates that the user has access rights; a prohibition sign indicates that the user does not have access.
  • Content. Displays overall Create, Read, Update, and Delete field-level permissions and details that show which fields in the record are permissions fields. A check mark indicates that the user has access rights; a prohibition sign indicates that the user does not have access.
  • Effective Permission. Displays the overall access to the record based on the Module and Content access rights. A check mark indicates that the user has effective permission; a prohibition sign indicates that the user does not have effective permission.

Summary and Details Views

The Summary view shows the overall Effective Permissions. The Details view displays permissions by role, group, and name to show overall module and content permissions.

Create an EPIC access role

  1. From the menu, click Admin menu > Access Control > Access Roles.
  2. Click Add.
  3. In the General Information section, enter a name and description for the access role, such as Investigate Access.
  4. (Optional) To enter an alias, click Save, and then enter an Alias name.
  5. (Optional) To set access role as the default for all users and groups, click Assign as Default.
  6. (Optional) In the Group Assignments section, assign groups to the access role.
  7. On the Rights tab, select the checkboxes for Create, Read, Update, and Delete, as needed.
  8. (Optional) Create a group that automatically assigns the Investigate Access Read permission and add users to the group.

  9. Click Save or Save and Close.

    • To apply the changes and continue working, click Save.
    • To save and exit, click Save and Close.

Assign a user permission to EPIC

  1. From the menu, click Admin menu > Access Control > Users.
  2. Click the Roles tab.
  3. Click Lookup.
  4. In the Available list, expand the Roles tree, and click the EPIC access role to assign, such as Investigate access.

    Note: To search for a specific role, enter the role name in the Find field and, if applicable, select the type from the adjacent list. Click Search. The results of your search appear in the Available list in the Search Results node.

  5. Click OK.

  6. Click Save or Save and Close.

    • To apply the changes and continue working, click Save.
    • To save and exit, click Save and Close.

View effective permissions from the Search Results page

Users: System administrators and module owners

  1. Go to the Search Results page.

    1. From the menu, click the solution.
    2. Click the application to which the record belongs.
  2. Select the record for which you want to view effective permissions.
  3. Click Elipsis and select Access.
  4. In the User(s) field, click Ellipsis.
  5. Select users.
  6. Click OK.
  7. Click Check.

View effective permissions from the Administration Menu

Users: System Administrators and users with permission to EPIC

  1. From the menu, click Admin menu > Access Control > Investigate Access.
  2. In the Content ID field, enter the content ID for the record for which you want to view access.
  3. In the User(s) field, click Ellipsis.
  4. Select users.
  5. Click OK.
  6. Click Check.

Email effective permissions report

  1. Go to the Search Results page.

    1. From the menu, click the solution.
    2. Click the application to which the record belongs.
  2. Select the record for which you want to view effective permissions.
  3. Click Elipsis and select Access.
  4. In the User(s) field, click Ellipsis.
  5. Select users.
  6. Click OK.
  7. Click Check.
  8. Click Email.
  9. Do 1 of the following:
    • To email a link to the effective permissions report, click
    • To email a PDF of the permissions report, click

Export effective permissions report

  1. Go to the Search Results page.

    1. From the menu, click the solution.
    2. Click the application to which the record belongs.
  2. Select the record for which you want to view effective permissions.
  3. Click Elipsis and select Access.
  4. In the User(s) field, click Ellipsis.
  5. Select users.
  6. Click OK.
  7. Click Check.
  8. Click Export.
  9. Select the export format.
  10. Click OK.

Print effective permissions report

  1. Go to the Search Results page.

    1. From the menu, click the solution.
    2. Click the application to which the record belongs.

  2. Select the record for which you want to view effective permissions.

  3. Click Elipsis and select Access.

  4. In the User(s) field, click Ellipsis.

  5. Select users.

  6. Click OK.

  7. Click Check.

  8. Click Print.

  9. Click OK.