Adding User Accounts to a Security Key

A system administrative user must have access to the Security Key that encrypts passwords in order to create untrusted users or to modify the password for existing untrusted users. Note that untrusted users do not need access to this key in order to successfully log in to the system. Only the administrator who creates the user or edits the user's password requires access to the key.
Likewise, a user must have access to the Security Key that encrypts credit card numbers to save orders or payments with a credit card payment type.

By default, Aptify uses the Generic Entity Encryption Key to encrypt the passwords for untrusted users (which corresponds to the Password field in the Users entity) and credit card numbers (which corresponds to the CCAccountNumber field in the Payment Information entity). Note that you can change this key, as necessary. See Managing Field Level Encryption for details.

Follow these steps to add additional users to a security key, as necessary:

  1. Log in to Aptify as an administrative user who has access to the Security Key used to encrypt a field.
    • In the baseline Aptify installation, this is the Generic Entity Encryption Key. By default, the sa user and members of the Users, Accounting, and Administrators group have access to this key. 
  2. Create or open a view of the Security Keys service.

    The Security Keys service is found under the Aptify Framework Administration application.
  3. Open the record for the key that is used to encrypt the field (which is the Generic Entity Encryption Key for fields that are encrypted in Aptify by default).
  4. Click the User Permissions tab.

    Add User to Key
  5. Add a User Permissions record for each user who needs access to the field encrypted by this key.
  6. If you want to grant access to all of the users in a particular group, click the Group Permissions tab and add that group as necessary.
  7. Save and close the Security Keys record.
Was this article helpful?
0 out of 0 found this helpful



Please sign in to leave a comment.