COE Security Policy to restrict access to cases based on Assignment Group

Yessi
Tera Contributor

Hey SN Community! 

Is it possible to restrict case access for HR Agents based on their assignment group using a COE Security Policy?

For example: Person A is a part of HR Tier 1. There are currently 4 HR Benefits Cases. One is assigned to HR Tier 1, so Person A should only be able to view that 1 case out of the 4 available.

I've attempted to create a policy for our Benefits table, applicable to all services, and applies when condition - Assignment group is (dynamic) | One of my groups. I've attempted listing all our assignment groups and then again limiting it to a few. Either way all cases are viewable to everyone. Once I remove the Applies when condition, the COE Security Policy works and restricts access to those outside of the listed groups. Is it possible I'm using this Applies when condition incorrectly? Is it limited to certain use? Is anyone able to share examples of COE Security policies they've created?

 

Yessi_0-1719969504589.png

Test Profile is not part of any of the listed groups but is still able to see Benefits cases.

Yessi_1-1719970201718.png

Appreciate any feedback and tips!

1 ACCEPTED SOLUTION

@Yessi Here is my configuration. I will have to test your use case based on your configuration (the images you sent), but here you have to restrict all cases in order to use your second COE policy that states the allow. In my example I am restricting all COEs so that only those that are in the assignment groups of the case are able to see them.

 

Blocking all cases

michaelj_sherid_0-1721419525138.png

Allowing any case assigned to one of my groups

michaelj_sherid_1-1721419576061.png

 

Regards,

Mike

 

 


19 REPLIES

Sandeep Rajput
Tera Patron

@Yessi All assignment groups in HR usually share a common parent which is HR Assignment group. This might be the reason why the assignment group condition is evaluating to true even if the user is not part of the assignment group.

 

Please test the condition with those groups which do not share a common parent and see if the condition works correctly.

Hey @Sandeep Rajput 

I tested this in my PDI environment to avoid removing the HR parents within our own test environments. I'm still able to view Benefits cases using that condition. Any other items you think could impact this condition from working? Have you utilized COE Security policies before? 

This is quite strange, I will verify this on my PDI and let you know the outcome.

Appreciate it Sandeep!