Record Level Security

So, I don’t think this is possible but will defer to the experts in the forum.

Can you set up security to limit a user to only see certain parts across the whole system?

What I was thinking was to put a custom field on the User account and on Part. Then based on these 2 fields, the User would be able to see these parts but not those. I would be looking to do this across the whole system. So, Part Entry, Part Tracker, Job Tracker, Invoice, any where that part might be.

I would not be looking to allow the user to see all lines of an invoice except the line with the part. I would just like to have the system not allow the user to see the invoice because it has a restricted part on there.

I advise exploring Epicor Workflow, WorkForce (RepID), and Roles to restrict access to the data. Also, many of the System BAQs used in Trackers have built-in security to restrict the customer, quote, and order data. I would explore the out-of-the-box functions first before considering further customization(s).


I’ve done something similar to this. I created a UD field called Released_c on the part table and created a pre-processing BPM on Part.GetList containing:

  • a condition box saying “user is not part of (Authorized Security Group)”
  • a custom code box with one line of code:

whereClause = "Released_c = 1 AND " + whereClause;

Then I made BPMs on the major forms (PO, quote, sales order, job entry) which also block access based on the Released_c checkbox’s value.

1 Like

Thanks, I’m going to start exploring the functionality that restricts on territory to see if I can copy/leverage that. I had not even thought about that.

Years ago (too many to remember?) I had a Vantage customer who wanted to secure SUPPLIERS… in order to do this, we came up with the idea of simply hiding them from searches. We figured out that it was actually fairly simple.
Years later, I migrated the solution to E10… attached is the E10 solution.

  1. There is a security group called Partners
  2. There is a special group of suppliers that are “Partners” who are to be hidden unless you belong to the security group above
  3. We created BPM(s) to do the hiding.

The attached document will show all the steps, but in reality, the BPMs are simple single line of C# code BPMs.How to do Record Level Security E10.pdf (589.3 KB)


Hi @timshuwy

I am looking to implement your solution on hiding items from a list but was wondering if someone knew the supplier ID would they be able to type it in manually?

Edit - removed type in Tim’s userID



Hi @timshuwy

I can see BPM 2 covers the scenario of manually entering the value so all good.