Force Logout & Re-authentication If Role or Permissions Change When Logged In?
Does Anaplan have a global setting that requires a user re-authenticate/log back in if their role or permissions change while logged in? Is there documentation I could reference?
Answers
-
As far as I know, there is no force logout for a particular user.
You can force the logout for ALL the users if the model is put OFFLINE and then back ONLINE.
However, the security and model roles should have an effect immediately without forcing a logout. The new security should be applied at the next refresh or any action made by the user.
Did you have any issues with this?
0 -
That's helpful. Thank you! No issue. Our cyber team wants a forced logout if roles or permissions change while logged in, but the change upon refresh may suffice. Is there any Anaplan documentation for this?
0 -
I haven't tried it, but I imagine marking the user role in a model to none, or disabling them temporarily through tenant administrator would have a similar impact.. but, it's obviously a bit of stuffing around if you're looking for an automated way to bounce them.
1 -
@lizzyb: Although the documentation does not explicitly state that the effect is "immediate," the absence of any instruction to log out in order to observe the change implies that the effect takes place immediately when a model role is modified or list security is updated. I think Anaplan Support can also give a more "official" answer.
Or you may follow the suggestion of @luke_e : assign to the user the model role on "No Access": the user will be disabled for that model, and re-assign the full security.
Please note that assigning the "No Access" role to a user will result in their removal from the "Users" list, and any input data associated with that user in modules containing the "Users" list will be lost (Filters, Users parameters, etc..)
1
