The sample includes security rules for metrics, dimensions, measures, and key performance indicators (KPIs).
The sample uses LDAP as the external entitlement system for metrics and KPIs.
"MCID": "Mortgage_Lending_BAM_MC",
"MCMetricRules": [ {
"MetricIDs": [ "LDAP.$account.title.mappedValue"],
"VisibleTo": {
"Users": ["SampleUser3","SampleUser4"],
}
} ]The LDAP.$account.title.mappedValue means that the current user's title LDAP attribute must be retrieved from the LDAP server and then must be mapped to the name of the metric in the rule.
| User | External field (title) |
|---|---|
| SampleUser3 | Employee |
| SampleUser4 | Manager |
| External field | Visible object ID (metric) |
|---|---|
| Manager | Application_Loan_Amount and Completed_Loan_Amount |
| Employee | None |
After this security rule is implemented, only SampleUser4, whose title attribute in the external entitlement system is Manager, has access to see the Application_Loan_Amount and Completed_Loan_Amount metric IDs.
"KPIRules": [ {
"KPIIDs": [ "LDAP.$account.title.mappedValue" ],
"VisibleTo": {
"Users": ["SampleUser3","SampleUser4"]
}
} ]The LDAP.$account.title.mappedValue means that the current user's title LDAP attribute must be retrieved from the LDAP server and then must be mapped to the name of the KPI in the rule.
| User | External field |
|---|---|
| SampleUser3 | Employee |
| SampleUser4 | Manager |
| External field | Visible object IDs (KPI) |
|---|---|
| Manager | Yearly_Maximum_Completed_Loan_Amount, Monthly_Maximum_Completed_Loan_Amount, and Total_Completed_Loans |
| Employee | None |