Make External Reports Discoverable

In version 5.6, the Access Request function for External Reports has been enhanced to support Client sites with either Distributed or Centralized Access Request responsibilities, as well as customized Deny Access messages, and support for BI Tool security access.

You may specify tailored messages, control where Requests for Access are routed, and are now able to support both centralized Access Request processing (via a tool like SAP's GRC) and distributed Access Request responsibilities via a Metric Insights-only work flow.

The system will first check the Element Editor to verify Access settings and the default No Access tile formatIf the Report settings do not include a Custom Access Message, then the Category Editor will be accessed to locate a Custom Message. The first Message encountered will be used. The system will default to standard error messaging if no customization has been set up.

This article will explain how to apply Customized Access Request processing for two common process flows:

  1. Set Discoverability for a single External Report
  2. Set Discoverability for all External Reports within one Category

You may want to use either or both of these procedures independently based on your needs.

How are Access Requests handled by your company?

Set Variables for Discoverability handled by Metric Insights

Admin / System / System Config

Set the 3 required variables in the Config file:

  1. Type 'access' in the Search field to narrow your options
  2. Set 'SHOW_ITEMS_WITHOUT_ACCESS' to 'Y'
  3. Set 'SEND_ACCESS_REQUEST_DIGEST' to 'Y'
  4. Set 'ACCESS_REQUEST_VIA_WEBPAGE' to 'N'
  5. Commit your changes

Access Admin / System / System Config

 

Set the 3 required Access-request variables in the Config file:

  1. Type 'access' in the Search field to narrow your options
  2. Set 'ACCESS_REQUEST_URL' to [a webpage set to process Access Requests]
  3. Set 'ACCESS_REQUEST_VIA_WEBPAGE' to 'Y'
  4. Set 'SHOW_ITEMS_WITHOUT_ACCESS' to 'Y'
  5. Commit your changes

Access Admin / System / System Config

Set the 6 required Access-request variables in the Config file:

  1. Type 'access' in the Search field to narrow your options
  2. Set 'SHOW_ITEMS_WITHOUT_ACCESS' to 'Y'
  3. Set 'SEND_ACCESS_REQUEST_DIGEST' to 'Y' (optional)
  4. Set 'ACCESS_REQUEST_VIA_WEBPAGE' to 'N'
  5. Set 'ACCESS_REQUEST_URL_PASSWORD' to a valid password for the URL_USERNAME
  6. Set 'ACCESS_REQUEST_URL' to the end-point of your Access Request API
  7. Set 'ACCESS_REQUEST_URL_USERNAME' to a valid User for API authentication
  8. Commit your changes

Do you want to work with single reports or multiple reports (via Category)

Set Custom Access Request fields on External Report Editor

Create a New Tableau Report (New > External Report),  Select the Tableau Report Type, and follow instructions in How to create an External Report from Tableau.

 

 Access the Advanced tab of the External Report Editor

  1. Toggle "Make Discoverable" to On to open additional fields
  2. Field not used in this flow
  3. (Optional)

Do you want to display custom image for Discoverable element?

  1. Select 'Upload Public Image File' to open a standard Upload Image popup.
  2. The Upload Image pop-up will appear to allow you to select an alternative image.

Do you want to format a custom Access Deny message

Customize the Access Deny message

Note: if you do not specify a Access message at the External Report level, the system will check the associated Category for a message. If neither is specified, the Standard Message will display.

  1.  Toggle the 'Use Custom Access Denied Message' to 'ON' to display additional fields
  2. You can control the Message display using the standard formatting options
  3. You can insert the following variables using the dropdown:
  4. [Element name] causes the system to  substitute the External Report name in the display
  5. [More Info] provides a link to show list of Support Admins that can assist you
  6. (Optional) Provide an Access Request email address to be informed of this Access Request. This field will over-ride the default option that sends the email to your Support Admins.

Use Metric Insights default message

Use the Bulk update for elements to set Discoverable option for Reports

Note that you can limit the element display using the Filter options on the top of screen.

  1. Select Category and apply additional Filters as needed
  2. Select Individual Reports or just select everything in the Category; only External Reports will be affected
  3. Select Bulk change
  1. Open Choose Field drop-down and select Discoverability
  2. Next: Preview

Do you want to customize the Access Request message

Access corresponding Category Editor

  1. One the Info tab, toggle the 'Use Custom Access Denied message' to ON to open additional fields
  2. You can control the Message display using the standard formatting options
  3. You can insert the following variables using the dropdown:
    1. [Element name] causes the system to  substitute the External Report name in the display
    2. [More Info] provides a link to show list of Support Admins that can assist you
  4. (Optional) Provide an Access Request email address to be informed of this Access Denial. This field will over-ride the Default option that sends email to your Support Admin(s) for Access.

 

Do you want to check authorization for access to your BI tool?

Is the Report from Tableau

Set Report Type

Note that this option requires Admin access and the Report Type must be set to allow this feature in the BI Tool.

Access Admin > Plugins > External Report Types > Tableau

 

Pre-verify User Access through Tableau API must be set to 'yes'

Sorry but other BI tools not currently supported

Do you want to see example of how Metric Insights handles Access  Requests?

Homepage will display Reports that User has not been granted access to

 

  1. User clicks Report title
  2. Access Denied Message is displayed (default message used here)
  3. User may Request access

Support Admins will receive a User access request email to process

  1. Access may be granted to the single Report or to the entire Category containing the Report.
Congratulations, you are done!

0 Comments

Add your comment

E-Mail me when someone replies to this comment