Set Up Field Level Authorizations in Reference Data Center

Owned by Pamela Totas (Deactivated)
Last updated: Aug 24, 2023
3 min read

Field Level authorizations are generated by the Reference Data Center engine when a user edits or overrides a value for a field that is configured as Authorization Required. The purpose of field level authorization is that if a data field is considered of high importance, and if a user attempts to alter an existing value, the request is placed temporarily (change is not updated to the master record) until another user with appropriate credentials authorizes the request.

Notifications for pending field level authorizations are displayed as an exception on the Security Summary screen within the Reference Desk.  Once you highlight a particular security in the Security pane, the Exception pane lists the pending authorization with the error message indicating Authorization Required along with the field name and date.

Field Level Authorization Workflow

When you manually override a history record of a field (for which authorization is enabled), a pending authorization is generated for that field, for that security, and for the selected effective date. In addition, the system sets the release level of that security to incomplete. It is important to note that the security release level is updated (to incomplete status level) only if the most recent history record is edited. If a non-recent history record is updated, a pending authorization is generated for that effective date but the security's release level is not changed. The reason for this is because the release level is always based on the most current definition of a security's history (most recent history date). If the security is already fully released (or Complete), it indicates that the most recent history is free of exceptions and pending authorizations. Therefore, only an override to the most recent history record creates a pending override and resets the security's release level to incomplete  whereas overrides to a non-recent history record only generate a pending authorization for that date.

Configure Field Level Authorization

Reference Data Center allows you to configure Field Level authorization in two ways: 1. Using the Reference Data Fields Settings. 2. Using the Data Strategies settings.

Set Up Field Level Authorization in Reference Data Field Settings

You can configure field level authorization from the Reference Data Field Settings menu.

To set up field level authorization:

  1. In Reference Data Center, from the left navigation, select Setup > Metadata > Reference Data Field Settings.
    You see the Reference Data Field Settings with the available list of fields.

  2. Select the field for which you want to generate authorization from the list of the fields.

  3. On the Home tab, in the Manage group, click Edit. Or, double-click the field.
    You see the Edit wizard.

  4. Select the Authorization Needed check box to generate the pending authorization request.
    When you edit/override the field value, the system does not append the field value to the master record until someone else authorizes the change. And also the system sets the entity's release level status to incomplete.  

  5. Click Save & Close to save the changes.

Set Up Field Level Authorization in Data Strategy Settings

Reference Data Strategies support changes to field level settings to allow configuration differences of the same field.

To set up field level authorization:

  1. In Reference Data Center, from the left navigation, select Setup > Data Strategies. 
    You see the Data Strategies workspace with the available list of data strategies.

  2. Select the data strategy in which the field you want to generate authorization resides.

  3. On the Home tab, in the Manage group, click Edit. Or, double-click the field.
    You see the Edit Data Strategy wizard. 

  4. Select the Fields tab.
    You see the Field Settings page with the available list of Fields groups with their respective fields.

  5. Select the Authorization Needed check box corresponding to the field for which you want to generate the pending authorization request.
    When you edit/override the field value, the system does not append the field value to the master record until someone else authorizes the change. And also the system sets the security's release level status to incomplete.  

  6. Click Save & Close to save the changes.