Field Level Security
The API user that you have created for your Mosaic integration will have access to any of your data that meets the following criteria:
- Deltek has made the data available through their public API
- You are able see the data in your web application when logged in with the Mosaic API user
You can use Deltek Vision's "design mode" to make fields inaccessible to the Mosaic API user- if you can't see it when you're logged into the Mosaic API user, it can't be accessed through the API.
Removing a field from the Mosaic API user's access
- To get into design mode, click the “Design” icon in the lower right corner of the application:
- In designer mode, select the field that you want to set the specific access to (e.g. SSN)
- In the properties sidebar, select either the “Hidden” and/or the “Locked” option, click on “…” and select one or more roles.
Hidden: Any employee assigned to a role where the field is set to hidden will not be able to see it in the UI and the field value will not be sent through the API
Locked: Any employee assigned to a role where the field is set to Locked will be able to see but not to edit it in the UI and the field value will be sent through the API via GET but the API will not be able to update the field value.
Best Practices
Mosaic recommends removing the following fields from the Mosaic API user's access:
- Employee Address
- Employee SSN
- Sensitive client information
Updated about 3 years ago