ECM Securities from within Epicor

Flash_Aubergine · February 6, 2025, 10:03am

We use ECM extensively across all areas of Epicor. When it was originally set up by Epicor staff they put in place the standard set up I guess. We now want to apply some securities within some document types (folders).

I have applied strict securities within docstar/ECM in the Folders and the security classes. These work when accessing docstar through a browser. However, from within Epicor a user that is not in the security class or folder security is able to view a document.

My Reasoning is is that because, within Epicor, the Attachment maintenance authentication is set to user name and password = admin@docstar … that everyone that has the ability to see the attachment folder is able to view the documents.

Is there a way on allowing users to see the attachment structure but not allow them to open and view it unless they are members of the docstar security class?

In my example I have a document type of bank detail changes on the supplier (vendor) table. users within our accounts teams can add documents and view them. However Buyers, who have a similar access to the supplier/vendor screen should not have the ability to open these documents either in Epicor or in Docstar.

MikeGross · February 6, 2025, 1:39pm

Yep, you’re reasoning is correct. There two choices for ECM ↔ Kinetic authentication. The one you chose allows for minimal ECM user licensing, and the other requires a user license for everyone in Epicor (basically).

The idea behind choosing the method you have set up, is that the Epicor Menu security is in place to prevent users from getting to an entity or transaction and viewing attachments unless they are allowed to do so.

You may need to address this with a bit tighter Epicor menu security, or a BPM or two one the ‘view attachment’ method to check their Epicor group and allow/prevent access.

Flash_Aubergine · February 6, 2025, 1:49pm

Hi Mike Thanks for that. That is what I thought. I was kind of hoping that there would be more security integration when Epicor brought Docstar. Oh Well!

MikeGross · February 6, 2025, 1:57pm

It may still come to be, but ECM is a code base that supports a number of other customers & integrations (before Epicor bought) and still needs to support them. I don’t think they’ll split the code base for this, but they may. Or they may have to in order to facilitate some new functionality, who knows.