SIMS 7 - Command Reporter (Permissions)
Accessing Data
Partner applications take one of two forms:
- User Present
- User’s own access rights apply
- Developer needs to consider how their application will respond to random access right grants for different users.
- Service Account (User not present)
- A new user is created
- Granted the access recommended
If schools believe that the requested rights are incongruous with the needs of the system, they should review the need vs the grant before allowing access. If in doubt, sources of advice are the partner & SIMS support.
The account should be tested before use and the password changed from the default. (This is an opportunity for the school’s data controller to see what access the application has.
The password should be obscure and stored securely.
Schools should not pass the password to the partner, it may be entered in to the partner’s system and stored securely.
Most users will need to be made members of the ‘Third party reporter’ permission group which allows access to IDs of entities within SIMS. It does not afford any access to personal data.
Partners would decide the appropriate model for their application but the service account model is usually simplest to maintain especially in a hosted configuration where school’s SIMS servers are managed in a data centre by an LA, School Group or commercial provider such as ESS.