Objective
Upon completion of this KB the user will be able to Create a user login, Add / update a password, assign a security level and enable / disable a users login access
Complexity: MEDIUM
Page Contents
Assumptions
The User has the minimum required level to access the Contacts tab
The User has the permission / authority of the Institution to grant access to users / to use Paradigm
Contacts / Users are staff or associates of the institution not students.
The Institution has already validated that each security group has access to what it requires and nothing more
That the User has sufficient information to know what security group to assign for new users
Key terms and concepts
Be advised
A user may only be assigned to a single (1) security group
Warning
A user may only assign a security group that is equal to or less than the one they currently hold. This is to avoid the potential for privilage escalation in user account access.
The table below outlines the security groups that may be assigned to a user via the Paradigm user interface. The permissions are ordered based on scope of access from least to greatest.
Security Level | Description | |
---|---|---|
1 | Public | What a user may see without logging into Paradigm. Mostly used for login screens and the online application portal. |
2 | Applicant | A prospective student who is interacting with Paradigm via the application portal |
3 | Student | A student user with mostly read access but the ability to update their address details, register for units, generate a limited set of letter reports and view other records exposed to them by the Institution. |
4 | Reception | The lowest level of staff user with almost exclusively read access to a limit set of student related information. |
5 | Tutor | An appropraite level of access for a part time or casual teaching staff who needs to look up student details, enter attendance, record assessment marks or make notes against a student. |
6 | Staff | NoteDefault security group assigned by the system to newly created Contact logins A general level of access with a moderate degree of edit access to student related information and records. |
7 | Student Services | Intened for users who require the functionality of a staff member together with the ability to record advisor / examiner / reviewer |
8 | Student Admin | An alternative profile based on the flex admin security group. |
9 | Flex Admin (also known as part time registrar) | Similiar scope of access as Fulladmin but lacking access to the System and Accounting menus, and the ability to edit published grades or bulk generate invoices. |
10 | Accounting | A role apprpriate for an accounts receivable role that is focused on maintaining financial records including invoices and payments within Paradigm. |
11 | Marketing | This security group has a wide scope of access including student records, agents, invoices and payment related records. |
12 | Fulladmin | The standard security group given to power users with the ability to view, edit and break everything within the system. |
13 | HR Admin | Be advisedNot normally used Intended for Institutions who want to record sensitive HR related information within Paradigm for the purposes of staff reporting. |
14 | System Admin | Be advisedNot normally used Intended for institutions who require a higher form of Fulladmin with full system permissions in order to limit the typical scope of Fulladmin access. |
Implications
Different Security levels will granted the user different levels of access to the system. A suitable level needs to be granted to a user to give sufficient access. This may be view only e.g. Student Level or reception level access, some editing rights e.g. Staff level access, Administration level e.g.Flex Admin or Full Access e.g. Full Admin.
Some access levels will restrict that sections of the system can be viewed e.g. Accounting or Human Resources
Workflow
Further Reading
-
Advisor Reports (Paradigm Knowledge Base)
-
-
-
-
Providers - Edit Contact Info (Paradigm Knowledge Base)