Home / Help System / Key Concepts / Administrator Navigation / Reports / Roles By Application / Using the Roles By Application Report

Using the Roles By Application Report

The “Roles By Application” report can be generated at anytime but it is primarily run during the Member-level Role Review Process and the Department-level Role Review Process.

The report returns a list of employees that currently have access to the selected Workstation or ADLOC for the selected Application. It also includes information about the employee’s current position.

Tip: If this report is going to be downloaded and filtered/sorted, save it as  CSV (comma delimited) format. This strips out the formatting and titles.

Here are the parameters used for this report.

  • Application – Lists the applications whose roles are managed in SSO
    • Some applications are unique to a specific department and may not be relevant to all users. (System Real Estate for example)
    • Not all system applications are available because their security is handled outside of SSO. (Maestro, Guardian, Concur, etc.)
    • “All Applications” is generally used for the role review process
  • Role Scope – Lists the access levels application’s roles
    • Any scope is available as a choice for an application but not all applications have all scopes.
      • Global – This scope can access all system member parts. (UIN Search and Data Warehouse for example)
      • Workstation – This scope can access an entire system member. Usually referred to as “Central Administrators”.
        • Used for the Monthly Role Review process
      • ADLOC  – This scope can only access a specific department or ADLOC. Usually referred to as “Department Administrators”.
        • Used for the Quarterly Role Review process
  • Role – Lists the available roles for the selected Application and Scope
    • “All Types” is generally used for the role review process
  • Role Workstation – Lists the available Workstation(s) for the person running the report
    • SSO Central Admins for more than one Workstation can run the report for “All Workstations” or an individual Workstation.
    • “All Workstations” is generally used for the role review process
  • ADLOC Scope – Lists the available ADLOCs based upon the selected Workstation.
    • If only run for  one Workstation, this choice can be either “All ADLOCS” or an individual ADLOC
    • “All ADLOCs” is generally used for the role review process
  • Employee Status –  Either “Active” or “Inactive”
    • Based upon the employee status on the Workday Employee record.
    • “Active” is generally used for the role review process