Security

Security on the Aexxis CRM is based on a token (also known as a "key") system. Every view, form, record, and page within in the CRM is stamped with a token. In order to view a view, form, record, or page, a user must have access to its token. There is no administrative level that overrides all tokens, so you must have the token to view the corresponding view, form, record, or page.

 

A token in the Aexxis CRM is a block of text. This is then assigned to users and to views, forms, records and pages. This controls access within the CRM. If a user wishes to access something in the CRM he must have a token in common with what he is accessing.  If they do not share the same token, the user will not see the view, form, record or page.

 

Example: The administrator sets up a token called [Cust] and assigns this token to a group of his CSR's, whose responsibility it is to handle Customers. The administrator then makes sure that customer records are created with the token [Cust]. When a CSR brings up a list of new customers, they will be able to view all records that have had the token [Cust] on them. A CSR who did not have this token set up for them would not be able to view these records, because he would not share a common token.

 

By default, administrators are given a token called [SeeAll] which is included automatically on all new records. This gives administrators access to all records.

 

All records ultimately cascade down from individual Programs. All records will be stamped with the token of the Program it belongs to (see Programs for more information). This ensures that a record, page, view or form will always be viewable by the program that it is under.

 

 

Note: Users are assigned their tokens or "roles" in the Access Control List for each database, outside of the CRM itself. For more information contact an Aexxis Technical Support agent.

 

Adding Tokens to Records

Tokens can be manually added to an individual record from the Access & Revisions tab, or from the Access & Revisions menu option, if you have administrative rights. By typing the token name into the Readers Add text box and clicking the Save button an admin can add a token. Do not attempt this if you are not thoroughly familiar with how the security systems work.

 

Tokens are also added to records by means of pre-populated drop-down boxes available within various records. Managers who are creating records are required to set a token when creating a new record on these forms, so as not to create a record they will not later have access to.