In a DPS system, controlling access to customers, locations, and products is essential to ensure security, data segregation, and operational efficiency. The DPS provides a flexible authorization model that allows administrators (back-office users) to define and manage permissions across three distinct entity types: Organizations, Partners, Customers, and Locations.
By configuring authorizations appropriately, organizations can delegate responsibilities to partners and maintain full control over sensitive data and management operations.
This article explains how authorizations can be viewed and edited across the business entities, helping administrators understand the authorization hierarchy and apply the most suitable access policies for their users.
As an organization back-office user, by entering the editing page of a Customer and selecting the Authorizations tab, you can define who can view the customer among partners or other organizations.
The table reports the following columns:
Entity: The entity name having access to the Customer (e.g., Abon Metal )
End Date: The date when the authorization expires. If missing, it will remain in effect until manually revoked.
Access: The type of access, which can be Full (the Entity can access any locations and things), or Limited (the Entity can access specific locations and things).
Type: The type of the Entity (ORGANIZATION, PARTNER, DATA RECIPIENT).
Note that the root organization has an implicit view on all customers, so in this list you will not see the OEM root organization.
By clicking the Add Authorization button, a new authorization can be added by selecting the type (ORGANIZATION, PARTNER, DATA RECIPIENT), and then the Entity.
Clicking on a row opens the Authorization details dialog.
Once created, it is not possible to change the Type or the Entity. If needed, you can delete the Authorization and create a new one.
In the End Date, you can specify when the Authorization will be automatically revoked. If empty, it will remain in effect until manually revoked.
In case of Partner or Data Recipient type, you can also specify the authorized Locations.
For each location, the End Date can be redefined (it must be before the one on the Customer), and you can also select whether the Partner or Data Recipient can access all things under that location or just a subset.
