Setting up access tokens for users and groups requires
planning based on business needs.
For example, you can set up access tokens based on lines of business,
by department, or use other criteria. It is generally more manageable
to set up access tokens for groups, and then assign the group to different
users.
The following tables show sample records that set up access tokens
for users and groups.
Table 1. Sample data for USERPROFILE table
| USER_PROFILE_ID |
USER_ID |
| 1 |
GUEST |
| 2 |
USER |
| 3 |
ADMINISTRATOR |
Table 2. Sample data for GROUPPROFILE table
| GROUP_PROFILE_ID |
GROUP_NAME |
| 1 |
CORPORATE |
| 2 |
INVESTMENT |
Table 3. Sample data for ACCESSTOKEN table
| ACCESS_TOKEN_ID |
ACCESS_TOKEN_VALUE |
GLOBAL_IND |
| 1 |
1000 |
Y |
| 2 |
2000 |
N |
| 3 |
3000 |
N |
| 4 |
4000 |
N |
Table 4. Sample data for USERACCESSTOKEN table
| USER_ACCESS_TOKEN_ID |
ACCESS_TOKEN_ID |
USER_PROFILE_ID |
DEFAULT_IND |
| 1 |
1 |
3 |
N |
| 2 |
3 |
2 |
N |
Table 5. Sample data for GROUPACCESSTOKEN table
| GROUP_ACCESS_TOKEN_ID |
ACCESS_TOKEN_ID |
GROUP_PROFILE_ID |
DEFAULT_IND |
| 1 |
2 |
1 |
N |
| 2 |
4 |
2 |
Y |
The collection of access tokens are based on the
<requesterName> element, which is the user's name, and
<userRole> element, which are the groups the user belongs to, in the
<DWLControl> element in the request.
Suppose the system contains four contracts as follows:
Table 6. Example access token values
| CONTRACT_ID |
... |
ACCESS_TOKEN_VALUE |
| 10000000 |
|
|
| 20000000 |
|
3000 |
| 30000000 |
|
4000 |
| 40000000 |
|
1000 |
The following examples illustrate how these 4 contracts can be
operated on.
- Example 1
Request:
<DWLControl>
<requesterName>GUEST</requesterName>
<requesterLanguage>100</requesterLanguage>
</DWLControl>
Associated access token values: None
Operations
- If this request is to add a contract, the contract is added with
an ACCESS_TOKEN_VALUE of null
- If this request is to update contract 20000000, this request is
not allowed as this contract has an access token value of 3000
- If this request is to search contracts, this request returns contract
10000000 as this contract has an access token value of null
- Example 2
Request:
<DWLControl>
<requesterName>USER</requesterName>
<requesterLanguage>100</requesterLanguage>
</DWLControl>
Associated access token values: 3000
Operations
- If this request is to add a contract, the contract is added with
an ACCESS_TOKEN_VALUE of null
- If this request is to update contract 20000000, this request is
allowed as this contract has an access token value of 3000
- If this request is to update contract 30000000, this request is
not allowed as this contract has an access token value of 4000
- If this request is to search contracts, this request returns contract
10000000 and contract 20000000
- Example 3
Request:
<DWLControl>
<requesterName>USER</requesterName>
<requesterLanguage>100</requesterLanguage>
<userRole>INVESTMENT</userRole>
</DWLControl>
Associated access token values: 3000,
4000 (default)
Operations
- If this request is to add a contract, the contract is added with
an ACCESS_TOKEN_VALUE of 4000.
- If this request is to update contract 30000000, this request is
allowed as this contract has an access token value of 4000
- If this request is to update contract 40000000, this request is
not allowed as this contract has an access token value of 1000
- If this request is to search contracts, this request returns contract
10000000, contract 20000000 and contract 30000000
- Example 4
Request:
<DWLControl>
<requesterName>ADMINISTRATOR</requesterName>
<requesterLanguage>100</requesterLanguage>
<userRole>CORPORATE</userRole>
</DWLControl>
Associated access token values: 1000 (global),
2000
Operations
- If this request is to add a contract, the contract is added with
an ACCESS_TOKEN_VALUE of null
- If this request is to update contract 30000000, this request is
allowed as this user has a global access token
- If this request is to search contracts, this request returns all
4 contracts