Additional user groups for granular security
The following tables list the various authorization roles that are predefined for the Commerce Server systems. For each authorization role of interest, create an associated user group on the domain controller, and add business user accounts to the user group as needed. For each user group that you create, assign the groups to authorization roles through the Authorization Manager.
Catalog and Inventory Systems:
|
Role |
Description |
|---|---|
|
CatalogAdministrator |
Members can manage the Catalog System. |
|
CatalogViewer |
Members have read access to the Catalog System. |
|
CatalogManager |
Members can manage all the catalogs in the Catalog System. |
|
SchemaManager |
Members can manage the catalog and inventory schema, including property, category, and product definitions. |
|
CatalogSetsAdministrator |
Members can manage all the catalog sets. |
|
CatalogSetsViewer |
Members can view all the catalog sets in the Catalog System. |
|
InventoryAdministrator |
Members can manage the Inventory System. |
|
InventoryViewer |
Members can view all the catalogs in the Inventory System. |
|
InventorySynchronizationManager |
Members can synchronize the run-time Inventory System with the management system. |
|
Administrator |
Members can manage the Catalog System and the Inventory System. |
Marketing System:
|
Role |
Description |
|---|---|
|
MarketingAdministrator |
Members have full access to every operation in the Marketing System. |
|
MarketingApprover |
Members can approve or reject marketing items, such as campaigns, discounts, and expressions. |
|
MarketingAuthor |
Members can create marketing-related items, such as customers, campaigns, discounts, and expressions. |
|
MarketingViewer |
Members can view and search marketing items, such as campaign event logs. |
|
GlobalExpressionAuthor |
Members can create, edit, and delete global expressions across multiple discounts. |
|
RuntimeSiteManager |
Members can refresh the Discounts and Advertisements caches of the run-time site. |
Orders System:
|
Role |
Description |
|---|---|
|
OrdersAdministrator |
Members can manage data integrity and cleanup issues. |
|
OrdersConfigurationEditor |
Members can manage orders configuration data for the site. |
|
OrdersViewer |
Members have read access to view orders. |
|
OrdersAdapter |
Members can search orders for order processing and updates. |
Profiles System:
|
Role |
Description |
|---|---|
|
ProfileAdministrator |
Members have complete access to the Profiles System. |
|
ProfileWriter_BusinessManager |
Members of this scope-level role have access to the profile definition within the scope. There are six profile definitions: UserObject, Address, Organization, BlanketPO, CreditCard, and Currency. |
|
ProfileWriter_CSR |
Members of this scope-level role have access to the profile definition within the scope. |
|
ProfileWriter_Adapter |
Members of this scope-level role have access to the profile definition within the scope. |