Restricting access the service account needs for reports

Gathering Feedback

Comments

2 comments

  • Avatar
    Andrea Moro

    Hi Chelsea, 

    thank you very much for your message. With our current architecture, we are somewhat limited in what we can do. The setup you described is required to ensure that Timetracker reporting has access to all the data required by the underlying caching logic to work properly. That being said, the user running the reports can have their permissions limited so they don't need full access.

    Regarding your request, although theoretically we could allow users to specify all the access settings manually, this would be error prone and hard to maintain, which is why the app currently does not support this functionality. We will monitor this and other similar thread and reassess in due course.

    Kind Regards,

    Andrea
    Product Owner - www.7pace.com

    0
    Comment actions Permalink
  • Avatar
    Andrea Moro

    Hi again

    as a quick addition to the above, I just wanted to clarify that should this become a non-negotiable requirement there is a workaround available. This would require you to create a new user inside the Project Collection Admin group and authorize it using PAT (personal access token). And in this PAT you could also limit permissions to read-only. However, as per my previous message, we don't support adopting this solution because it is error prone and it comes with some significant limitations (e.g. the completed and remaining work fields will not update for this user).

    Kind Regards,

    Andrea
    Product Owner - www.7pace.com

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk