Export Control
Control access to sensitive information based on user groups.
Last updated
Control access to sensitive information based on user groups.
Last updated
First Resonance offers the ability to control sensitive information through a feature called export control. This is a boolean, true-false, field that can be applied to procedures or parts at the highest level. The effect is that any objects that then reference that part or procedure will not display technical data. Runs made for that procedure will have no data for the user group that does not have permissions to view. Part inventories made for the part will not be visible to the export controlled group. Currently, you must be using Microsoft Azure SAML authentication for this feature to work in your environment. Reach out to the team through intercom if you would like to learn more about deploying export control.
Bellow are some more details:
Export Controlled Protection:
Export controlled is a form of protection that can be applied to parts and procedures to restrict access.
Indication from procedures:
Indication from parts:
Access Restrictions:
When an item is designated as export controlled, only users belonging to the "Employee Export UnRestricted" or "Export UnRestricted" groups can access its data.
Users without the appropriate access will receive no data for that item. This restriction is enforced at the API level.
Group Access Configuration:
The group access is configured via a SAML connection rather than directly within ION.
Our setup involves creating a SAML connection for Microsoft Azure in Auth0 and including the "Get user group" attribute.
Customers must ensure they have Active Directory groups named "Employee Export UnRestricted" or "Export UnRestricted" to enable this connection.
