In version 26, we’re delivering a range of enhancements to strengthen security and simplify user management.
New Power Users group for enhanced control
We’ve introduced the Power Users group to fill the gap between administrators and regular users.
This new system group offers higher permissions than regular users, enabling them to manage access rights via the Security (Access Permissions) panel without needing full administrative privileges.
Key highlights of the Power Users group:
- Access to the Security panel: Power Users can assign access permissions, reducing dependency on administrators, while keeping the Security panel hidden from regular users.
- Manual user management: Members are added manually to the group, ensuring controlled group management.
- Restricted modifications: The group's name and header cannot be edited.
New permission key: Manage Access Permissions
We’ve added a new system permission key: Manage Access Permissions, making it easier to control who can access key security settings.
Here’s what’s new:
- Access to Security panels: Users without the Manage Access Permissions key won’t see the Security panel in the Desktop Client or the Access Permissions panel in the Web Client
- Default access for key groups: The Power Users and Administrators groups have this permission by default, giving them access to manage permissions right away.
Removal of trusted application requirement for websites
When defining a website, it is no longer necessary to create a trusted application. By default, the Trusted Application field can remain empty (NULL), allowing a website to run under an internal SYSTEM user without consuming a license for its service session. A virtual trusted application is now generated automatically at runtime.
This update simplifies configuration and reduces unnecessary license usage. More information about it can be found in the following blog post.
Validation rule for security group names
We’ve added a new rule, R37154 – Check for Invalid Symbols, to prevent the use of invalid characters in non-system security group names:
- Restricted symbols: Non-system groups cannot include "<" or ">" in their names.
- Validation on event ClientCommit: The system will block the action and display an error if these characters are used. This ensures а cleaner, more consistent group naming across the system.
New "Open Access Key" button in the Access Permissions panel
We've added a new Open Access Key button to the Access Permissions panel in the Web Client. Now, you can quickly open the form for a single Access Key record directly from the context menu, making access management more convenient and efficient.
Improved Group Access Key management
We’ve improved the Group Access Keys panel in the Web Client to provide a more user-friendly experience. With the new design, permissions are now displayed with clear names and editable via checkboxes for faster configuration. This enhances the overall experience, making group access key management both more efficient and clearer for users.
Together, all of these features empower organizations to delegate responsibilities securely while preserving a clear distinction between roles and permissions.
Stay tuned for more updates on how version 26 improves your user management experience!
Тo learn more, please refer to our technical guides:
0 Comments