The “Roles By Application” report can be generated at anytime but it is primarily run during the Member-level Role Review Process and the Department-level Role Review Process.
The report returns a list of employees that currently have access to the selected Workstation or ADLOC for the selected Application. It also includes information about the employee’s current position.
Tip: If this report is going to be downloaded and filtered/sorted, save it as CSV (comma delimited) format. This strips out the formatting and titles.
Here are the parameters used for this report.
- Application – Lists the applications whose roles are managed in SSO
- Some applications are unique to a specific department and may not be relevant to all users. (System Real Estate for example)
- Not all system applications are available because their security is handled outside of SSO. (Maestro, Guardian, Concur, etc.)
- “All Applications” is generally used for the role review process
- Role Scope – Lists the access levels application’s roles
- Any scope is available as a choice for an application but not all applications have all scopes.
- Global – This scope can access all system member parts. (UIN Search and Data Warehouse for example)
- Workstation – This scope can access an entire system member. Usually referred to as “Central Administrators”.
- Used for the Monthly Role Review process
- ADLOC – This scope can only access a specific department or ADLOC. Usually referred to as “Department Administrators”.
- Used for the Quarterly Role Review process
- Any scope is available as a choice for an application but not all applications have all scopes.
- Role – Lists the available roles for the selected Application and Scope
- “All Types” is generally used for the role review process
- Role Workstation – Lists the available Workstation(s) for the person running the report
- SSO Central Admins for more than one Workstation can run the report for “All Workstations” or an individual Workstation.
- “All Workstations” is generally used for the role review process
- ADLOC Scope – Lists the available ADLOCs based upon the selected Workstation.
- If only run for one Workstation, this choice can be either “All ADLOCS” or an individual ADLOC
- “All ADLOCs” is generally used for the role review process
- Employee Status – Either “Active” or “Inactive”
- Based upon the employee status on the Workday Employee record.
- “Active” is generally used for the role review process