Authorizations (Security)

Authorizations are defined in layers.

The first layer is by allowing access on Administrations and FBO locations. An administration defines a commercial unit for billing purposes. It consists of one or more FBO locations for which billing is done together. In case you have only a single FBO location, you will have one administration and one FBO location. In case you have a network of two locations that each perform their own billing, you will have two administrations and two locations, and, of course, if you have one central back office that does combined billing for multiple locations, you will have one administration with more than one FBO location.

 If a user does not have access to an administration, he cannot access or modify any orders or other data related to it, and cannot access any of the data related to the FBO's defined in the administration. If a user has access to an administration, the FBO-Access rights define from which FBO's the user can see the orders and invoices.

The second layer of authorizations is defined by allow access to operations in FBO One. Operations come in various forms: menu commands, screens, reports and workflow transitions. For example, some of the commands available in FBO One are 'Browse OPS', 'View Invoice', 'Run audit log report' and 'Mark flight as departed'.

FBO One grants the user access to an operation based on combination of the Administration/Location permissions and the permissisions granted for the operation itself. For example, to view orders in the Browse Operations screen for a particular FBO Location, the user must have rights to the Administration of the FBO Location, as well as to the location itself and to the Browse Operations screen.

See also

Authorizations screen