Guest Access Criteria

From AgileApps Support Wiki
Revision as of 11:39, 11 May 2020 by imported>Aeric

Overview

Data stored in AgileApps is secure and only authenticated users can create and view records. Without valid permissions, you cannot get access to this data. This feature allows a guest user to perform CRUD operations on an object without any authentication or login to AgileApps. It works on criteria-based permission models.

A use case scenario for this feature is a flight reservation system. Here, a user can view the available flights for a destination as an anonymous user. However, to book a flight, the user would need to sign up or provide certain credentials.

Who can use this feature?

AgileApps allows for automatic login for the guest user. Guest user is a standard platform user with ‘user id’ as 7. The authorization should be configured by the Tenant Admin in the form of a formula in Object Properties.

Notepad.png

Note: This feature is not available in a sandbox environment.

Prerequisites

To use this feature, the sub-domain should be enabled. The guest user should access AgileApps using a sub-domain. For more information about enabling a sub-domain, see the Tenant Configuration section in Service Configuration.

Basic Flow

1. To configure this feature at the object level, go to Settings > Account Management > Company Information. Here, under Session Management, set Enable Guest Access to Yes as shown in the following figure:

Session mgmt.png

2. To configure at object level, go to Settings > Customization > Objects > {object} > Object Properties > [Edit] > Guest Access Criteria, select the Allow Guest Access option as shown in the following figure:

Notepad.png

Note: If an object is enabled for guest access, then all the fields for that object are open to guest or public access. The application designer can choose which actions to permit for the guest user.


Guest access criteria.png

The functionality of Guest Access Criteria is similar to Custom Access Criteria. Guest Access Criteria lets you specify who can access/update/delete individual records, based on the data in the record, characteristics of the current user, and any other available information. You can define a set of expressions, one for each action that can be performed on a record. Actions include:

  • Add
  • Update
  • Delete
  • List View
  • Record View

For each action, the Formula Builder is used to create an expression. When the expression evaluates to true for an action, the guest user can perform the action. An example for the formula builder is as follows:

Formula builder.png