New to Kinetic, Setting up Menu Security via groups

I am attempting to set our menu security in our cloud-based Kinetic instance. It is my understanding that I can disallow/allow users’ access to menus based on group membership. However, I cannot figure out how to disallow a group from accessing a particular security code.

I feel like I am close to achieving this. According to the documentation, it should be possible in Menu Security. However, when I attempt to remove any menu, the option to select a user or group is greyed out.

What I am trying to accomplish: I want to disallow members of a group from accessing certain built-in menu items.

In Menu Security, Choose the Default Access; then,

Screenshot 2025-01-21 1553441670×632 39.8 KB

This is much easier with a DMT, IMHO.

We completely disabled the standard Menu System in Epicor and made our own Menu Structure, disallowing all and then allowing the groups we wanted to have access to each item or menu. This is a major project, though…

Also note that there are a ton of hidden sec-codes to access certain slideouts, printing, etc. if you choose to disallow everything…

Should be able to scroll through the groups, find the one you want to change, click in the field labeled “Access”, make the change via dropdown and click save. Here’s an example…

image1827×811 48.7 KB

EDIT - and follow what @josephp said

Thank you! this confirms my suspicion that this is how you do it, however any ability to edit is greyed out. do I have to copy the menu security to my current company and then edit?

Your user has to be a Security Manager.

I have checked, and my user is security manager, however I cannot edit permissions in menu security maintenance

@James_Dahlke, I am not sure; you may also have to make sure your user is authorized under the user account for the other company as well.

We don’t run multi-company, so you may have to do something with that “copy to current company” you were talking about earlier…

Also, there may be an Epicor-made group that you might have to be in as well…

I’ll step back and see what the multi-company gurus have to say here… I’m sure you’ll get THE answer soon from here - these people are amazing.

Yes, you need to do the “copy to current company” to be able to edit. Not my favorite “feature”.

What version are you on? I have security groups (2024.1.9) that are both all companies and our single company and I can edit any of them without needing to “Copy to Current Company.” (I’m on-prem, so maybe if you’re cloud that is different.)

Do you perhaps not have all the companies you need (even if single) added to your user account in the Authorized Companies section? And/or all the necessary sites added to Authorized Sites within the Companies?

thank you!!! that did the trick

Just a further point on this. The relationship between menu id and security is not 1 to 1. This means if you alter the membership on one security id it can effect how the users accesses (or not) another menu id with the same security id.

It can be a bit of a trap for unwary new users.

Personally I like to keep the same menu structure, as this aids the users in navigating when they are using and documentation, like online help or the ELC. The whole, “Setup, General Operations, Reports” after a while you just eat sleep and breath the menu structure.

Role based security is one of the better ideas that have come out on this topic in recent years. (although not really new).