This document assumes that the Patriot ICA module has been installed. This document covers setting user access levels and giving users access.
The Internet Client Access (ICA) module allows users access to their site information via the internet using a standard web browser. Patriot contains flexible configuration settings for allowing different levels of access to your users. This works by setting up one or more web-access security group(s) and then assigning one or more of these groups to each user that requires web access.
Security -> Operators -> Security Groups
You can insert a new web access security group in exactly the same way you would insert a new operator security groups - the only difference between the two group types is whether you choose to check "Web/Mobile Client" as a supported client app. When you choose "Web/Mobile Client" as the only supported app, a reduced set of security rights are available, which corresponds to the features currently available via the ICA website. Also note, that there are special considerations to be made when hiding and viewing tabs from the ICA that are listed under Security Right Definitions at operator security group because the ICA website is not an exact mirror of the Windows client interface.
There are 3 levels of web access:
Standard
Read-only access. View general client data and history, and generate client and log reports.
Edit Client
Adds additional features:
Extended Access
As well as the features above, this adds additional features:
Remote Action Plan Filtering configured through security groups applies to web/mobile client users only (windows client operator action plan filtering of pending activations is configured via operator preferences) and will determine what historic signals and activations are displayed to the web user. You can choose to exclude some action plans, or to only include some action plans. For performance reasons, pick the option which requires the fewest action plans to be selected.
To allow reporting in ICA, you should assign the security group rights for Report Shortcuts:
You can also decide which specific reports each security group has access to, out of the following options:
Report Type | Standard / Edit Client | ICA Extended / Administrators |
---|---|---|
Client Report | ✔ | ✔ |
Incident Report | ✔ | ✔ |
Log Report | ✔ | ✔ |
Activation List Report | ✔ | |
Client List Report | ✔ | |
Client Notes Report | ✔ | |
Client With Response Report | ✔ | |
Incident Extended Report | ✔ | |
Log Analysis Report | ✔ | |
Polled Client List Report | ✔ | |
Reason Analysis Report | ✔ | |
Type Report | ✔ | |
User Report | ✔ | |
Work Order Report | ✔ | |
Zone Report | ✔ |
You can select which specific reports each group can access, by assigning them individually. When logged into ICA, a separate Reporting menu is available to Extended Access users, in addition to the standard client reporting buttons.
Maintenance -> Users -> User or Dealer Maintenance
On the Remote Access tab of the User or Dealer who you want to grant access to, check Allow Web Access and then enter a Username (defaults to the user's or dealer's name) and Password. Passwords must be secure and Patriot will not allow passwords which do not contain a mixture of alphanumeric characters. Select the web-access security group whose access policy you want to apply to the user or dealer when they login to the ICA website. The security group can be configured on via Security Groups. Choose an Access Type for the user/dealer. Your new user or dealer web-access account is now active and once you have provided them with their new username and password, they will be ready to login to their ICA website account.
Client Groupings this access type requires the ICA Extended module. Only clients assigned to one or more of the selected site groupings will be shown to the user/dealer. Note that you have to save user details first for the list of available client groupings to appear. Read the Site Groupings Setup and Report tab to assign a grouping to a client. Also make sure to enable Operator Filtering in System Wide Settings in the Data Service Settings section.
Client Assigned if you do not have the ICA Extended module, then this is your only access type option. ICA users with client assigned access can only view clients who they are assigned to on the client users tab.
IMPORTANT: a User or Dealer granted Client Assigned web-access will get remote access to all clients who they have been assigned to, and only to those clients who they have been assigned to - so you must make sure that you only ever assign a web-access user or dealer to a client if they should have web-access to that client.
Security -> Operators -> Operators
Once you have web-access security group setup, you are ready to grant remote access to an existing Patriot Operator.
By default a Patriot operator granted web-access in this way will get remote access to all clients to which their existing Patriot operator account has access to - so you must make sure that you check an operator's existing client filtering settings before granting web-access to an operator. In the case where an operator should have access to a different set of client's via the web, to what they get when logging in to their account with a regular Patriot client, you will need to create an entirely separate Patriot operator account for them to use for web-access.
To grant web access to an existing Patriot Operator simply assign to their operator account the web-access security group whose access policy you want to apply to the operator when they login to the ICA website. The operator's web-access account is now active and they are ready to login to their ICA website account using their existing Patriot login details.
Action Plan Filtering is available to operators if the security group they are assigned to only have web/mobile enabled. These will only restrict signal and activation histories. In contrast to action plan filtering through operator preferences which only screens out pending activations that an operator can view.
Please note, assigning an operator to a security group that has remote action plan filtering enabled while the operator has action plan filtering in windows client, will show activations of any Action Plan types in both windows client and ICA.
IMPORTANT: the ICA website is encrypted using best practice SSL encryption, but because the website will often be hosted on the public internet you must make sure that all operators to whom you grant web-access have chosen a high security password for their Patriot operator account.