Adding Users

security overview gravity’s security is fully integrated into the microsoft 365 cloud portal used for all microsoft cloud services like office 365, sharepoint, and teams (note office 365 or other microsoft services are not required to use gravity) there are several advantages to having an integrated security system one login and password for all microsoft cloud services change your password once for all services enable higher levels of security like multi factor authentication (mfa) or separate credential tools like duo disable a user in one place for all services adding a new user the steps to add a new user to gravity are create the user in the microsoft portal assign the user the appropriate microsoft power apps license insert the user into the power platform environments assign the user one or more security roles add the appropriate entities (companies) to the user that they have access to note the steps to add a user are different if you are using the power apps pere user license or the power apps per app license there are separate sections below for each license type microsoft power apps licenses microsoft has several types of licenses that can be used by gravity users the primary licenses are power apps per user used by gravity power user roles assigned in the microsoft admin portal (similar to office 365 licenses) power apps per app used by gravity limited, read only and cpa roles assigned in the power apps platform creating the user in the microsoft portal you will be required to have microsoft admin privileges to add users users can be added and assigned a login name and password adding a user with the power apps per user license users can be assigned a power apps license at the time they are created or latter after they are created select the appropriate license if you do not have an available license than you should contact you microsoft license provider after selecting the user, you will see the option to assign licenses to the user you will be required to have microsoft admin privileges to add licenses adding the user to the power platform environment note you will have to repeat this for each environment the user will be accessing you will be required to have microsoft power platform admin privileges to add users to the platform select the following url https //admin powerplatform microsoft com/environments https //admin powerplatform microsoft com/environments this will show you the existing power platform environments select the environment by clicking on the name, this will open up the environment’s information section select “users see all” select add user then identify the user on the right side that you want to add after adding the user, you will be prompted to assign a security role security roles can be added or changed after the user is enabled for the environment adding a user with the power apps per app license creating the user in the microsoft portal you will be required to have microsoft admin privileges to add users users can be added and assigned a login name and password users can be assigned a power apps license at the time they are created or latter after they are created assign the per app license to the correct environment you will be required to have microsoft power platform admin privileges to add users to the platform select the power platform admin portal at https //admin powerplatform microsoft com/ https //admin powerplatform microsoft com/ on the left menu select (1) resources >(2 )capacity scroll to the bottom in the add ons block select (3) manage from the menu on the manage add ons panel select the (4) environment (most likely the production) on the app passes are (5) assign the number of passes to the environment adding the user to the power platform environment you will be required to have microsoft power platform admin privileges to add users to the platform select the following url https //make powerapps com/ https //make powerapps com/ select the correct environment in the upper right corner on the left menu select (1) apps select the (2) gravity app and on the (3) 3 dots select “share” from the menu in the (4) people box enter the person to be added once found the (5) person will be listed below the box select the (6) security roles for the person to be added adding entities to a user adding entities (companies) to a user a user will not have access to a company unless they are explicitly given access to assign a user to a company select the user from the list and the user information form will appear under financial entity access select the “+” option to open a dialog to select and add the entity to the user when a user’s first entity is added they are automatically assigned to a gravity license note, for a user to see information in a dashboard they must have read access to the records that make up that dashboard security addendum gravity’s supports a multi tired security profile for users as follows entity (company) access microsoft power platform security roles enhanced process security optional field level security predefined security roles while custom security roles can be created, gravity installs with several predefined security roles listed below gravity administrator – access to the gravity system setup area only gravity ap user – access to all purchasing and payables functions gravity limited ap user – access to all purchasing and payables functions except check or ach deployment gravity ar user – access to all receivables functions gravity dashboards – access to gravity dashboards gravity financial user – access to all general ledger and financial functions gravity power user – access to all functions setting up a user security role all users in gravity must have a microsoft dynamics 365 or power apps platform license see your gravity or microsoft representative for more information on microsoft licenses after a new user is setup in the microsoft platform, they must be assigned at least one security role in gravity under platform settings >security >users select the user to update select manage roles at the top a dialog window will open allowing you to select the appropriate roles managing gravity licenses organizations must subscribe to a gravity license for each user that will access information under the gravity menus and forms in addition to a microsoft platform license gravity licenses are automatically assigned when a user is assigned to their first entity (company) to manage gravity licenses, select financials >system settings >system >license information license key, due date and number of users are maintained by gravity and updated automatically if needed you can force an update using the update license action on the top menu disabling a user on the microsoft platform does not remove their gravity license to remove a license, you must identity the user in the enabled or disabled views and remove them from the license creating a new gravity security role it is often easiest to copy an existing role and change the security attributes under platform settings >security >security roles open the existing role and select actions >copy role to make a new role the gravity entities will be listed under the custom entities tab you can add or remove security rights to an entity note that many forms are reliant and data from other entities for example, you cannot create a voucher without read only access to vendors, charts of account, terms etc new role process security security roles will define the type of access to an entity that a user will have in addition, gravity enhances the security with process security rights for example, a user may have full access to creating an invoice but may not be able to print or post the invoice to access enhanced process security, select financials >system setup >system >miscellaneous security privileges miscellaneous security privileges are appended to the security role to enhance user security if a new security role is created, the miscellaneous security privileges record must be completed to give the user correct security rights to printing, processing and reports in gravity field level security field level security is available in gravity please refer to the microsoft documentation on how to enable field level security and administer it