Users and roles when using Central and Host

I have been reading up on Users and roles and have tried all sorts of variations but I’m getting more confused, I hope someone can point me in the right direction.

I have built a service in a host and have used roles to determine the landing page of users and which Top tabs etc can be viewed. This is working on the face of it but only with a handful of users I have created in the Host.

I need senior users within the service to be able to add and amend users so have created a page to search, add, edit users. If I don’t filter the list I appear to be getting everyone, system users, portal users etc from Central and also the users created in Host. I can filter so this isn’t the problem.

My issue is that if I create a user in the Host I can allocate the correct role for the service but if they already exist in Central I can’t give them the Host roles. In Central I can’t give the Host roles which makes sense but causes me issues. So I thought about separating them and having a user list in the Host and people logging into the service separate to the Central, this is a stand alone service so could work that way, but I don’t seem to be able to unlink my Host Users from Central.

How have other people approached user access when you have Central and Hosts? I feel like I’m missing something simple.

1 Like

Hi Cathy,

We would recommend using Groups rather than roles in this case. Groups are automatically persisted to host applications so do not need to be independently created. You can create subsets for users that belong to groups to control access to parts of the host and/or central application. In addition, users can belong to more than one group meaning that this approach is more flexible (users can have only one role).