Auth Codes
Auth Codes (or Authorization Codes) provide a way to limit the access of requirements and exceptions to only very specific users. When attempting to encode a requirement or process an exception against a requirement, only those users with assigned auth codes that specifically match will succeed in editing the requirement or performing the exception. Otherwise, they will be able to run an audit, but will be "locked out" of access to requirement editing and exception processing will fail. Since creating exceptions from the audit enables non-encoding staff (including advisors) to create exceptions with ease, auth codes can allow tight control of user access to critical fields such as Total Hours Required on the requirement.
New in 4.3, Auth Codes now work on exceptions from the audit. |
As mentioned, auth codes can be set on both requirements and exceptions:
- Requirements can have up to two auth codes
As new Requirements are created (in the uAchieve Client), they are automatically assigned the auth code associated with the user creating them. Any subsequent maintenance–including deletion–of the requirement (or its sub-requirements) is only allowed by users with the same matching auth code. A second position auth code may be added to a requirement by the user, which may alternately be used to allow for exception matching.
NOTE: Exceptions at the Requirement level |
- Exceptions can have only one auth code
As exceptions are entered into the system (either via the uAchieve Client or Self-Service), the auth code associated with the user is also automatically associated with the created exception. Similar to requirements, any subsequent maintenance of the exception is only allowed by users with the same single matching auth code. While the user may create exceptions in the client, they will not be processed by the server if the user does not have the correct matching auth code.
Auth Code Assignment
Auth codes are assigned at three levels: user-level, group-level, and global-level:
-
Set the auth code on the user directly in the Dashboard (auth code set for the user is the most common type of auth code assignment).
- Inherited from the group on the Dashboard
- Set globally on the Dashboard
Be careful! Global-level auth codes affect every user. |
Auth Code Matching Logic
Space
A requirement displaying two spaces (but appearing blank) in the auth code fields is unrestricted, in that ANY user is allowed to edit it and ANY exception may be applied to it.
NOTE: |
Non-Space (or "Blank") Character
The non-space or "blank" auth code is an auth code with no value, the same as the null. The blank auth code is the same as the single blank, multiple character blanks, and/or null value. Learn more about how the blank character factors into how exceptions are applied below.
Auth Codes in uAchieve Self-Service
User-Level
View the auth codes applied at the user level as assigned to an individual user in Self-Service via the Security (Users) drop-down:
Once a user is selected (View), click the Properties tab to view properties, including auth codes applied at the user level:
Delete Auth Code
You may delete the auth code using the Delete Property button ().
Add Auth Code
Alternately, add an auth code in the Add Property section:
The Add Property button () will add the new auth code and assigned Value and Description fields to the user's properties list.
Group-Level
View the auth codes applied at the group level as assigned to a designated group in Self-Service via the Security drop-down:
Once a group is selected, click the Properties tab to view properties (including auth codes) applied at the group level:
Delete Auth Code
You may delete the auth code using the Delete Property button ().
Add Auth Code
Alternately, add an auth code in the Add Property section:
The Add Property button () will add the new auth code and assigned Value and Description fields to the group's properties list.
Exceptions
Exceptions From the Audit
When Entering Exception Mode () in Self-Service, the display of buttons next to the requirements and their sub-requirements on the audit provide a visual indication that the user's auth code matches that of the requirement.
![]() |
![]() |
---|
The lack of buttons in Exception Mode may indicate no auth code:
Also note that the absence of exception buttons may be attributed to other factors, as well.
Manual Exceptions
When viewing existing to Requirements or creating new ones manually (i.e., not created from the audit), the auth code column displays any auth codes associated with each listed exception.
New in 4.3.0.3, when a requirement has two auth codes that do not match the blank auth code of an exception, then the exception will not apply to that particular requirement. The COM variable Authspaces controls how blank auth codes are handled:
If authSpaces=blank (default)
- An exception with a blank auth code will match ALL requirement auth codes
- A requirement with BOTH auth code values of blank will match ALL exceptions
If authSpaces=S
- An exception with a blank auth code will only match a requirement if BOTH auth code values are blank
- A requirement with BOTH auth code values of blank will ONLY match an exception with a blank auth code
For more details, see Auth Code Configuration.
Auth Codes in uAchieve Client
The User can create exceptions in the client, but the server will not process it if the user does not have the correct matching auth code.
NOTE: |
Manually created exceptions in the uAchieve Client show drop-down options for auth codes as opposed to a freeform field:
Auth codes can range from one up to ten (1-10) characters in length. |
Configure Auth Codes
For configuration instruction using exception.xml, see Auth Code Configuration.