Set up a manager user
Sparkrock 365 supports the following user types:
Full User: Provides full access to Sparkrock 365 core product and mySparkrock. Examples of full users include:
Accounting Manager
Accounts Payable Coordinator
Account Receivable
Purchasing Agent
HR Manager
Payroll Administrator
Training and Scheduling Admin
Manager User: Provides limited access to Sparkrock 365 core product and full access to mySparkrock. Examples of manager users include:
Management and Senior Management
Department Manager
School Principal
School Secretary
Employee User: Provides limited access to mySparkrock. Examples of employee users include all employees.
Manager user
In addition to full Sparkrock 365 users, you can also have manager users that have limited access to the core product, specifically using a predefined subset of the Finance and Procurement or HR Management functionality. Manager users have full mySparkrock access.
Functions that are designed for use by the manager user include:
Purchase requisitions entry.
Payment request entry.
Document approval, such as for a purchase invoice or purchase credit memo. A manager user can view the applicable document page, and then send the approval request or cancel the approval request.
View purchase orders and archived purchase orders.
Indicate receipt of goods and services on existing purchase orders.
View posted purchase invoices and posted purchase credit memos.
Reporting.
How manager users are assigned
In SaaS mode, the creation of individual manager users is controlled by assigning a team license to specific users through Office 365 administration. Access using this license is controlled using a predefined set of permissions sets.
The team user uses the following permission sets:
| Permission Set | Description |
|---|---|
| D365 Read | Provides read access to all tables in the product. |
| D365 Team Members | Provides write, delete, and modify access to a subset of tables in Sparkrock 365. For example, it gives access to:
|
| LOCAL | Provides write, delete, and modify access to all local features in Sparkrock 365. |
| D365 Security | Provides access to manage users. |
| D365 Troubleshoot | Provides access to troubleshooting tools. |
For Sparkrock Cloud customers, manager user mode for individual users is set directly on the User Card page at creation time when the License Type of Full User or Limited User is specified.
Department manager role center
The solution entry point for the manager user type is the Department Manager role center. Sparkrock 365 supports the following types of Department Manager roles:
HR Department Manager
Finance Department Manager
Note
Note:
On the Profile (Role) page for the HR Department Manager or Finance Department Manager role, on the General FastTab, Show in Role Explorer must be turned off.
As defined per company, the functionality available to manager users is controlled through Application Area management. For example, you might want manager users to have access to requisitions but not to payment requests.
On the Application Area Setup page, on the Finance and Procurement FastTab, the application areas under Limited Access are used only on functionality that is available on the Finance Department Manager role.
Similarly, on the Application Area Setup page, on the HR Management FastTab, the application areas under Limited Access are used only on functionality that is available on the HR Department Manager role.
For more information, see Set up application areas.
If you want to specify the functionality that is accessible to specific groups of manager users, or even to individuals, you can set up user groups. User groups allow more granular control. User groups can be associated with individual users that have the Security Manager role.
It is recommended that a default department manager role center be associated with each manager user group. Set the Default Profile to SRF Department Manager.
You can define more than one user group for use by different sets of manager users, but it is recommended that only one user group be assigned to any specific manager user.
Important
Important:
When creating user groups for manager users, you must only turn on fields under the HR Management or Finance and Procurement FastTabs, in the Limited Access sections. Enabling the other settings will provide the manager users with improper functional access outside of the designed boundaries of the role.
The small set of limited access settings on the Purchase & Payable Setup page further controls aspects the manager user experience, such as visibility of certain data.
Permission sets
Permission sets provide the capability for you to further configure manager users access to functionality. Sparkrock 365 includes the basic permission set types of System and Extension for each functional area, which are designed primarily for SaaS. For Sparkrock Cloud, permissions must be refined by User-Defined permission sets. The User-Defined permission sets accommodate certain differences in the way the Sparkrock Cloud environment works. User-Defined permission sets are created during project implementation. After User-Defined permission sets are configured, these permission sets are assigned to the one or more manager user groups that are defined.
Note
Note:
If you do not use user groups, it is recommended that a default department manager role center be associated with each manager user’s profile on the User Settings page. To specify the default department manager role center, set the Role to a department manager role.
Data access management
For data access management, each individual manager user must be linked to a corresponding mySparkrock user. The mySparkrock user's setup and security settings control the individual manager user’s access to data.
Note
Note:
Despite the fact that these settings are controlled through the mySparkrock user, the mySparkrock web application is not currently used by the manager user for Finance and Procurement. Instead they use the core Sparkrock 365 product and the Finance Department Manager role.
Hiding confidential attachments
Sparkrock 365 allows you to attach confidential documents to purchase documents. When such a document is uploaded, the document is marked with Confidential to indicate that this attachment is not visible for users who do not have permission.
Attachments can be added either through Incoming Documents or through Attachments. The control of whether a user can view incoming documents and specific attachments that have the confidential indicator is controlled through permission sets.
For more information, see Set up the confidential indicator for incoming documents and attachments.
Related information
Feedback
To send feedback about this page, select the following link: