User Management
Overview
User management in timveroOS provides comprehensive control over system access through role-based permissions and departmental organization. This module ensures secure access while maintaining operational efficiency through structured permission hierarchies and audit capabilities.
Role-Based Access Control (RBAC)
The system implements role-based access control through a hierarchical structure:
Organization Level: Top-level system access
Department Level: Functional area restrictions
Role Level: Specific permission sets
User Level: Individual access assignments
Department Configuration
Departments serve as both organizational units and workflow boundaries within timveroOS.
Setting Up Departments
Navigate to Settings → Catalogs → Decision Departments to configure:
Department Code: Unique system identifier
Description: Clear functional description
Active Status: Enable/disable departments
User and Department Management
Department Assignment
Departments are assigned at the user level, not the role level. Each user is associated with a specific department that defines their organizational context.
Configuring User Departments
Accessing User Management:
Navigate to Admin Panel → Users
Select the user profile to configure
Assigning Department:
Locate the Department field in the user profile
Select the appropriate department from the dropdown menu
Save changes
Role-Department Interaction:
Roles define permissions and capabilities
Departments define organizational scope
Role permissions apply within the user's assigned department context
Users can only be assigned to one department at a time
Users can only be assigned to one role at a time
Example Configuration
A user with the "Credit Analyst" role assigned to the "Retail Lending" department will have credit analyst permissions scoped to retail lending operations only.
Department-Workflow Integration
Departments determine:
Warning assignment routing
Work queue visibility
Escalation pathways
Access boundaries
Role Configuration
Important: Roles must be configured before users can be assigned to them. Complete role setup before creating user accounts.
Accessing Role Configuration
Navigate to Settings → Roles to create and configure roles.
Creating Roles
Define role identity:
Name: Role identifier
Description: Role purpose and scope
Start page: Default landing page after login (dropdown selection from available pages: BI, Launchpad, Applications, Loans, or custom directories)
BI Dashboard: Assign dashboard from catalog (dropdown automatically fetches all active dashboards from the BI Dashboards catalog)
Configure permissions: Use Permission Matrix to assign access across modules:
General Access: View, Create permissions per module
Additional Actions: Specific actions (Edit, Approve, Decline, etc.)
Tabs: Access to specific data tabs within entities
Available Modules in Permission Matrix (example list - actual modules depend on SDK implementation):
Catalogs, Applications, Clients, Collateral, Covenant, Loans, Marketing campaign, Notifications, Offer engine, Participant, Transaction, Users, Vendor
The exact list of modules and available actions depends on the custom actions, views, and features implemented in your specific assembly. Each module has specific permissions that can be granted based on role requirements.
Decision Permissions
Roles can be granted authority to make various types of decisions within the lending workflow. These permissions determine which actions users with this role can take on applications and deals.
Available Decision Actions
Approve
Grant permission to approve applications
Users can move applications forward in the workflow
Typically assigned to underwriters, credit analysts, and managers
Decline
Grant permission to decline applications
Users can reject applications with documented reasons
Requires decline reason code selection
Typically assigned to underwriters, credit analysts, and managers
Review
Assign for review without final decision authority
Users can analyze and comment on applications
Cannot approve or decline without escalation
Typically assigned to junior analysts and support staff
Configuring Decision Permissions
Accessing Role Configuration:
Navigate to Admin Panel → Roles
Create new role or edit existing role
Locate Decision Permissions section
Setting Permissions:
Enable desired decision actions by checking the corresponding boxes:
☐ Approve
☐ Decline
☐ Review
Save role configuration
Decision Workflow Example
Senior Credit Analyst Role:
✓ Approve
✓ Decline
✓ Review
Junior Credit Analyst Role:
✗ Approve
✗ Decline
✓ Review
Example Role Templates
Common role configurations include:
Loan Officer
Submit and manage applications
View automated decisions
Request documentation
Basic reporting access
Underwriter
Review flagged applications
Override specific factors
Approve/decline with conditions
Access risk assessment tools
Manager
Override subordinate decisions
Approve policy exceptions
Reassign workloads
View performance metrics
Administrator
Configure system parameters
Manage user access
Modify workflows
Access audit logs
User Lifecycle Management
User Creation Process
Prerequisite: Roles must be configured before creating users. Navigate to Settings → Roles to verify roles exist.
Account Setup
Navigate to Settings → Users
Create new user with required information
Assign role(s): Select from previously configured roles
Assign to department
Configure additional user settings
Access Configuration
Configure notifications
Enable audit tracking
Activation
Distribute credentials
Verify successful login
Complete initial training
Document access approval
Access Management
Regular Maintenance:
Review active accounts
Validate permission appropriateness
Update for organizational changes
Remove inactive users
User Deactivation:
When a user is deactivated, their assigned work items (warnings, applications in review) return to the shared pool of items for other users in their department.
Security Controls:
Multi-factor authentication (MFA) available
Password policy enforcement
Session timeout configuration
Login attempt monitoring
Single Sign-On (SSO) support via SDK configuration
LDAP integration supported (users must be created in system first, then mapped by login)
Integration with Operations
Launchpad Integration
User permissions directly control Launchpad functionality:
Permission-Based Features:
Department work queue visibility
Self-assignment capabilities
Supervisor assignment rights
Cross-department coordination
Warning Management Workflow
The system tracks assignment and resolution status:
Approval Process:
Decline Process:
Application Status Management:
Audit and Compliance
Activity Tracking
The system maintains comprehensive audit trails:
User login/logout events
Permission changes
Data access patterns
Configuration modifications
Decision overrides
Compliance Features
Role-based access documentation
Permission change history
User activity reports
Access recertification support
Segregation of duties enforcement
Configuration Guidelines
Initial Setup
Define organizational structure
Create departments matching operations
Establish role hierarchy
Configure base permissions
Add initial users
Test access patterns
Ongoing Management
Document role definitions
Maintain permission matrices
Schedule regular reviews
Update for organizational changes
Monitor access patterns
Archive inactive accounts
Technical Considerations
Performance Impact
User queries optimized for speed
Permission caching implemented
Department filtering reduces load
Role inheritance minimizes complexity
Security Architecture
Encrypted credential storage
Session management controls
Failed login tracking
Permission boundary enforcement
Integration Points
System Components
User management integrates with:
Workflow Engine: Permission-based routing
Document Management: Access control
Reporting System: Data visibility
Notification System: Alert distribution
External Systems
HR system integration capabilities
Single sign-on (SSO) support
Directory service connectivity
Authentication provider options
Implementation Resources
Admin Panel Configuration
User Profile Configuration - Managing user accounts and department assignments (this page)
Role Management - Defining role permissions (this page)
SDK Configuration
The following capabilities require SDK team involvement:
User Management API integration
Permission structure customization
SSO and directory service integration
Custom authentication providers
Next Steps
With user management configured, proceed to:
Notification Templates - Set up communication channels
Document Templates - Configure document workflows
Workflow Fundamentals - Build decision processes
For additional user management guidance, consult your system administrator or implementation team.
Last updated
Was this helpful?