Security Settings- District Level

At a district scope, schools can create custom security groups for users who share the same access in multiple scopes. This allows one location to maintain groups rather than individual child scope editing. *Users must be added at child scope level

Admin>Settings>Security>Security

Definitions

A. List of publicly Available Pages – shows a complete list of pages parents and students can access through the portal or REG-Online.

B. Define Security Groups - List of default security groups and the ability to make customized security groups. (See the Define Security Groups section below)

C. Student Logins/Users - Creates a list of students and passwords using various sort functions. See this page for more information.

D. Parent Logins/Users – Creates a list of parents in system with various sort functions, the students that are linked to them, and their password. See this page for more information.

E. Define Users – shows individual users, their username, password and permission groups set. See the Define Users section below

F. Automated Setup for Logins/Passwords – Allows you to create an email message and send out usernames and passwords to users. See this page for more information

G. Deletion Log – Searches for records that were deleted per username, IP address, page, and any other information available.

Detailed explanations of Areas B and E

B: Define Security Groups

Admin>Settings>Security>Security>Groups

Security groups are labeled with a common name that describes a user type. For example, the user group “Attendance Administrator” would be the person at the school who needs to access the areas of the SIS that have to do with attendance. There might be one or several people who are “members” or belong to the same group. The group is already set with all the permissions required. As another example, for the group “Teachers-Classroom Instructors,”all required permissions that a teacher would need to perform their basic duties are included in this group. All classroom teachers would need to be added to this group as “members” so they can do their job without interruption.

A “default” security group is created by School Pathways. Schools cannot change these groups. You can only enroll members. If a group is not set to your needs, you can create your own group by doing the following:

Adding/Creating a new Permission Group

Click Add New Group button.
Add a new title for the group
Set the Options/dropdowns:

- User Type: Staff- most common
  - Other options include Students, Parent, pubhouseholds, forms_users. Those would give greater permissions to students/parents in their portals and reg online households. Forms_Users permission groups are specific to our Forms and Surveys module

- Group Type: Private will be the most common.
  - Other options include: Root, publiclogin, public, nonlocal. These each provide higher levels of access for users within and outside the system (students/parents in their portals). Typical use case will use Private. Reach out to School Pathways if you would like to explore the other options as those should be utilized carefully.

- Module- leave at Base
- Default Global Group: Check this box if you would like this group available at all of your connected child scopes

Click Save

Setting Permissions for your custom group

Admin>Settings>Security>Security>Groups

Adding permissions individually/making updates:

Permissions can be copied/pulled/uploaded in mass using a CSV upload- see section for "Adding permissions in mass:"

Find your group in the alphabetical listing and click on “Set Permissions”. The permission groups with “Default Group” in the permissions column cannot be changed.

In this page view, the Element Titles are listed in the left column. In some instances, a definition of the page is in the right column.

Click the Details link to view a list of users who currently have permissions to access the page.

- Check the boxes on the left if you want to include the page in this group and click SET. You are taken back to the main list of Permission Groups.
Add Members

Admin>Settings>Security>Security>Groups: Members hyperlink in line with the permission group

- At the District Level: Add members here specifically for their access within the District Scope
- Child Scope level: For groups created at the District Level, you'll maintain the members for child scopes in the child scope itself (local level)
  - This is due to the possibility of staff being in both scopes but holding different roles. One could be an admin in one scope and a teacher in another. Their permissions would be very different.

The page is split into two columns. Left side- users who are in the group. Right side- users not in the group but available to add
- To add: check the box of the user(s) on the right side of the screen and click Save Changes
- To remove: check the box of the user(s) on the left side of the screen and click Save Changes

Users who are in the group but who's login has been disabled will not have any access even if they remain in the group. You can remove users from security groups but as long as you are following proper procedure with existed Staff (disabling their login up on exit), there will not be any issue leaving them in their security groups.

Adding Permissions in mass: helpful when creating a custom group using one of the default groups as your base-line. For example: creating a teachers group where you want them to have general access from our Teachers - PLS Individualized Learning w/ Customize Curriculum but you also want to include some extra permission. Or you want to combine the default groups that you assign to staff into one so you only have to assign one group.

Custom groups do not get new permission elements by default as we do not know what access your custom groups are intending to allow. Any new elements released will need to be added to your custom groups if you wish to grant those users access

Export Permissions from an existing Group- if there is a group where you want to start with their permission, use the link to the right of the group name for "Export Permissions". This will download a CSV
Import Permission to a custom group- navigate to your custom group and click on the name of the group
You'll see an option to "choose file"- you can use the button to choose the file from your downloads or drag and drop it if still on your screen
Click Import Permissions
Your permission group will now have any permissions that you exported from the other group. You can add/remove individual elements using the directions above for Adding permissions individually/making updates

C: Define Users

Users must be added to the system and linked to their record. Student and parent records will automatically link to the user name but staff members must be manually linked.

Current staff accounts that are linked will show in the Define Users area. If you need to view the unlinked accounts or disabled accounts, change the settings at the top left of the page and click UPDATE.

In the above view,

Clicking on the login name link shows the current username and password. If the username and password are not shown, you can click the EDIT LINKED TO button and choose a staff member to link the login to.
Access can also be set to expire or you can enter a disable date in this area to expire the staff member’s access to the SIS.
Clicking on the staff member’s name takes you to their staff record.
Clicking on jump logs you in as the user (Root administration function only)
Clicking on (Set Groups) allows you to add an individual user as a member to a group