Skip to content
Item Detail
2H 2025 Edit
Role-Based Permissions Supports Excluding Access by Person
General Availability Info Only Automatically On Impact: Low AI Enriched
Description

As a Role-Based Permissions administrator, when you create or edit a role assignment, you can choose to exclude the granted users from accessing their own data in the Define a Target Population step. Previously, you could only exclude a user from accessing his or her own data by employment. Now, you can exclude a person from accessing his or her own data by person, which means the person can't access data of all his or her employments.See More

Detailed Description

As a Role-Based Permissions administrator, when you create or edit a role assignment, you can choose to exclude the granted users from accessing their own data in the Define a Target Population step. Now, you can exclude a person from accessing his or her own data by person, which means the person can't access data of all his or her employments. If Exclude by User is selected, a user in the access population can't access his or her own data of the selected employment.

Impact Assessment

This feature has limited impact but should be reviewed to confirm alignment with business processes in Identity and Access Management implementations. As a Role-Based Permissions administrator, when you create or edit a role assignment, you can choose to exclude the granted users from accessing their own data in the Define a Target Population step. Now, you can exclude a person from accessing his or her own data by person, which means the person can't access data of all his or her employments. Implementation teams should verify that existing configurations remain valid and test core business scenarios after the upgrade to confirm correct behavior.

Test Recommendations
• Verify the feature is enabled and accessible from the expected navigation path or configuration area in a test environment. • Test the end-to-end scenario with representative test data covering both happy paths and error conditions. • Validate correct behavior across all relevant user roles and permission configurations (admin, manager, employee). • Test edge cases: empty or missing values, boundary conditions, concurrent users, and large data sets. • Confirm that existing integrations, workflows, and downstream processes are not affected by the change. • Test on multiple iOS and Android devices across different OS versions and screen sizes. • Test feature visibility and access controls across different RBP roles to confirm correct enforcement.
Product: Platform
Modules: Identity and Access Management
Feature: Role-Based Permissions
Reference: PLA-49832
Version: 2H 2025
Valid as Of: Nov 14, 2025
Latest Revision: Oct 03, 2025
Affected Areas:
Identity and Access Management Mobile Role-Based Permissions