Manage Archive Security

Archive security is specific to that Archive. Before any users or groups (including database administrators) can be granted permissions to the Archive, they first must be granted access to the Archive's database. 

Set Archive Security

  1. To set Archive permissions, from the Secured Users & Groups list, click to select one or more users and/or groups.

  2. In the Security Components panel, click Archives.

  3. Click on the Database () icon for one or more databases to display the Archives that are available for that database.

    1. To see if an Archive has any Sub-archives, click on its Archive () icon. If the Archive has any Sub-archives, the component tree expands to display its child Archives and the icon changes to the image of an open folder.

  4. To assign security permissions for an Archive, click on its Archive. Parent and child Archives can be selected individually and more than one Archive can be selected.

  5. In the Archive Permissions panel, click one of the tabs and then select the appropriate permissions individually or click Select All. The choices include Folder, Document, and Export. See the next three sections below for details. Note that Select All selects all permissions on all three tabs, not just on the one currently selected. Click the Help (?) icon for details on Archive permissions choices.

  6. Click Apply Security to save the setup for each user or group. 

Set Archive-Level Security

In this dialog box “Folder” refers to an Archive. You can secure documents in an Archive at different levels:

  • View – If this is the only permission granted, the user or group may view but not change data and documents. Users still need permissions to at least one Search to see documents. Since a user or group must be able to see documents to perform any other functions, View will be enabled when any other Archives permissions are selected.

  • Add – The user or group may put documents into the Archive, but, if this is the only choice selected, once added no changes may be made. Adding includes not just by capturing (like scan, import, import data and document, or drag-and-drop) but also with Burst, Merge, and Move.

  • Delete – The user or group may remove documents from the Archive.

  • Move – The user or group may move documents from its current Archive to another.

  • View Revisions The user or group may view all the versions of a revision-controlled document. Users without this option will only be able to see the current version of the document. On a Versions Archive, the user or group may see previous versions of the document returned by the Search.

  • View History – The user or group may view the Audit Log of documents.

  • Delete Errored Batches – A legacy setting which allows the user or group to remove any Batches that have errored from the Batch Manager Batch List.

  • Full API Access – This API-only security setting allows the user or group to bypass Search security, via the API, on the current Archive. It is intended for use with GlobalAction and custom integrations from 3rd party developers.  Full API Access enables the use of a specific API call that eliminates the need to run a search for a document when you already know it's Database, Document ID, and Archive.  Full API Access should be enabled for the Service Account running GlobalAction, and should be disabled in all other cases without a specific use case.


Set Document-Level Security

In addition to Archive-level permissions, you can control what functions a user or group can perform on documents in the selected Archive. Choices include:

  • Modify Document – The user or group may rotate, copy/paste, insert, append, and reorder pages of documents.

  • Modify Pages – The user or group may enhance, cut (but not paste), replace, and delete pages of documents.

  • Modify Data – The user or group may modify indexing data for a document in any Field, so long as it it not a System Field or Read Only Field.

  • Modify Annotations The user or group may create, modify, and delete annotations on documents, even without other document edit permissions.

  • Publish Revisions – For use with a Check In/Check Out Archive in the desktop client, the user or group may set the Publish and Unpublish status for documents.


Set Export from Archive Security

Documents and data can be output from GlobalSearch to print, email, or view in another application. To export, choose one or more of the following:

  • Print – The user or group may use the Print functions from the Document Viewer or Search Results Document List in the Grid View.

  • Email – The user or group may email documents from the Document Viewer or Search Results in the Grid View. The user must have a local email client in order to take advantage of this permission.

  • Export Document – The user or group may export documents in their original format from the Document Viewer or from the Search Results in the Grid View.

  • Export Data – Allows the user or group to export the data to a CSV file (using the Export to Excel function) from the Search Results in the Grid View.

  • View in Acrobat – Allows the user or group to view documents within the native PDF file viewer. (Note that if the PDF viewer has editing capability, the user can make changes, but those changes do not carry into GlobalSearch; this situation would be similar to using Launch Copy on a PDF document.)

  • Launch – Allows the user or group to use the Launch Document feature in the Document Viewer.

  • Launch Copy – Allows the user or group to use the Launch Copy feature in the Document Viewer.