Warehouse Security

ERP Cloud

This section provides direction on how to set up security models for user access when an Inventory Control Point (ICP) has multiple warehouses.

A working knowledge of the security capabilities of Salesforce and Order and Inventory Management is required to configure warehouse security.

The work carried out in warehouses can be segregated so that warehouse workers only see the work that is carried out in the warehouse they are assigned to in Order and Inventory Management. Workers should not be able to see work carried out at other warehouses. However, warehouse managers could benefit from the ability to see records associated with other warehouses in their ICP network.

 

Ownership

All records on the Salesforce platform involve a concept of ownership. This extends to the data in Certinia applications. Data ownership must be considered when you develop your warehouse security model. Where there are multiple users that require access to records, a concept of queues and groups is applied to warehouse inventory to support the security model.

Inventory Control Point and Warehouse Data

Data record ownership is defined on the warehouse object. All inventory records for a specific warehouse have a common ownership regardless of which user is creating inventory in that warehouse. For example, when a purchase order is received, inventory is created in the receiving warehouse. The inventory data is assigned to the warehouse queue when it is created. It is the warehouse queue that owns the data in that warehouse.

Warning:

We strongly recommend that you avoid setting your inventory position security setting to private, especially if you have high volumes of inventory transactions with more than one warehouse, each with more than one warehouse user. This is not required to provide the correct security access to users. If this is unavoidable in order to achieve a customized implementation, an admin user must run the manual backorder process regularly to ensure there are no conflicts with security across warehouses.

Users

Users must have the following assigned:

  • Role

  • User license

  • Profile

Users can be assigned to the appropriate public group to ensure quick and accurate warehouse queue configuration.

Public Groups

Public groups can be created for each set of users. A group can be warehouse workers that have been assigned to a specific warehouse or users that have been assigned the same role, for example warehouse managers as illustrated below:

Each warehouse must have its own group. We recommend that the warehouse group name is the same as the warehouse name and that you add each of the users who has access to the warehouse to that group.

Queues

When you create a warehouse, a queue is automatically created for that warehouse and assigned as the owner of the warehouse. It is possible to add individuals to a queue but we recommend you add a group to a queue so that the appropriate sharing rules can be configured. A queue allows groups of users to manage a shared workload more effectively. You can select which objects to include in the queue, for example, the Inventory Action Queue.

Inventory Action Queues

Your organization communicates with its warehouses using inventory action queues. The actions that need to be carried out as part of managing inventory appear on the Action Queues tab in the Inventory Management application.

TheAction Queues tab shows the queues of work for each warehouse which can include the following tasks:

  • Inspection

  • Put Away Inventory

  • Picking

  • Shipping

  • Cycle Counting

Sharing Settings

Sharing settings are a security control that specifies the level of access your users have to each other's data. For the purpose of configuring warehouse security, sharing rules must be set for the Inventory Action Queue object so that only users associated with a specific group can see the inventory action queue entries.