Skip to main content

End Client Controlled User Security

This article provides guidance on setting up Security Roles and Users so your service bureau can delegate user management to end client companies. The steps outlined below are for single-company users only. Multi-company users must be managed by the service bureau.

Role Setup

When Security Roles are added to the system, by default they cannot be used by company administrators when adding new users to the system. This prevents Roles from inadvertently being used in error and providing the user with too much, or too little, information.

Under System | Security | Roles, select a Role you would like to give companies access to use and click the Edit button.

Selecting a Role on the Roles screen

On the Edit Role tab that appears, mark the Client Role? box to allow company administrators the ability to use the selected Role when adding or maintaining users.

Edit Role tab with Client Role checkbox

Company Administrator Setup

Once you have determined and set company administrator access on Roles, you must then set each company administrator as the correct User Type.

Under System | Security | Users, select someone you wish to allow client-controlled security access for. In the User Type pull-down menu on the User Information sub-tab, select Company Admin. This is the setting that "turns on" the client-controlled security functionality.

User Type set to Company Admin

Company Security Setup

A company administrator will have additional access added in Company Maintenance | Master Company. The Users tab will show all of the users currently set up with access to the company. This page allows for creating new users and changing and updating existing accesses.

Users tab in Master Company

Adding New Users

To add a new company user, click the ADD (*) button and enter the User Name, Full Name, and Role to be assigned. Then click OK.

Add user dialog

Once the account has been added, set the appropriate Password Expiration timeframe. Setting the field to blank means the user will never be prompted to change their password.

The User Type may also be changed to Company Admin if the new user should also have access to user security.

Lastly, click the Change Password button and set the user's password for initial access to the system in the box that appears. The user will be prompted to change their password after their initial login.

Updating Users

At any time, updates can be made to a user's account to provide more or less access by changing their Security Role or User Type according to the level of access being granted.

If a user has locked themselves out of their account (by entering the wrong password multiple times), the Disabled? box would need to be unmarked and the Change Password button may be used so they can gain access again.

Lastly, if a user should no longer have access to the system, simply select them in the list on the Users page and click the DELETE (X) button.

Questions?

Contact your Payroll Service Provider.