Maintaining Web Service Users

Use the Web Service User form to maintain information about PrismHR Web Service Users, which are used when accessing the API. You can set up user profiles, grant or deny access to different companies or IP addresses, and review pending updates for web service users.

Actions Menu

The Actions menu on the Web Service Users form contains the following options:

Audit – see Viewing the Audit Log
Pending Approval Emails – specify the email addresses to receive notifications about pending web service user updates. See Setting up Approval Emails for Pending Updates to Web Service Users.

Maintaining Web Service Users Information

To maintain web service users, do the following:

1. Complete the following fields as needed:

Field

Description
User ID

Enter or select the ID for the user profile.

Note: If this is a Marketplace Integration user, enable that field to select a vendor description. (After making a selection, if this is a new user the vendor's name displays in the User ID field.)

After you specify the user ID, PrismHR will notify you if there are pending updates for that user. To review these updates, click Review Updates.

After you click Review Updates, the Review Web Service User Updates window opens, describing the pending updates.

Do one of the following when this window displays:

Click Deny and Remove Request to deny the permissions update.
Click Approve and Apply Updates to approve the permissions update.
Click Close to close the window without performing an action.

Marketplace Integration

Enable this field to display a second field where you can select the Marketplace Integration vendor's description. (After making a selection, if this is a new user the vendor's name displays in the User ID field.)

Note: If the user record already exists but the Marketplace Integration field is not enabled, you can enable this field and select a vendor's description, which does not overwrite the existing User ID. After saving this update, you cannot change the User ID, the Marketplace Integration field, or the vendor description field.
User Name Name of the user.
Password Password for the web service user (required for obtaining an API session token).
Account Disabled Select this field to deactivate the web service user account.
Company Access

Defines the companies that users can access. Options are:

  • Grant Access by Default, Deny Access to Specified — The user has access to all companies by default. To restrict access to certain companies, enter the user IDs of those companies.
  • Deny Access by Default, Grant Access to Only Specified Companies — The user can only access the companies listed.

Note:  By default, web service users can see only active companies. With some API methods, they can also see inactive companies. Companies with other statuses (pending, pre-terminated, and terminated) are not available.

Minimum API Version

Select a supported API version from the list. The system will restrict the user from accessing versions prior to the selected one.

Note:  2.0 corresponds to all versions of prismhr-api.
Company ID (Optional) Enter one or more Company IDs. A Company Name displays for each ID. The Company Access setting determines whether the user is restricted from seeing the specified companies, or only has access to the specified companies.
Contact Information For example, the user's phone number or email address.
Disable IP Restrictions

Select this field to disable the IP restriction feature.

Note:  This is not recommended for use except by Development.
Allowed IPs

Allows specific IP addresses to access the web service engine with the user's credentials.

To specify a range of IP addresses, use a hyphen. For example: 123.456.789.100-123.456.789.200.

Note:  The IP address range feature applies to API versions 1.23 and above.

This example would grant access to all IP addresses falling between 123.456.789.100 and 123.456.789.200, inclusive.
Disable Method Restrictions

Select this field to disable method restrictions.

Note:  This is not recommended for use except by Development.
Allowed Methods

Use this grid to grant the web service user access to only certain endpoints of the PrismHR API. For example, if you created a web service user for a time clock vendor, you might want to restrict that user's access to only methods that return time clock-specific data.

When setting up allowed methods, you can use an asterisk (*) to grant access to all methods in a particular service. For example, ClientMasterService.* grants the web service user access to all Client Master Service methods. You cannot use an asterisk to grant access to SystemService methods.

Note:  Leave the Allowed From and Allowed To fields blank if there is no time of day restriction for the method. All times are Central Time.

  • Allowed Method — Specify each method that the web service user is allowed to call. See Allowed Methods for Web Service Users for a list of the methods and brief descriptions of the data that they allow the web service users to access. For detailed information about the returned data, see the PrismHR API docs.
  • Allowed From — Time of day when a method can be called.
  • Allowed To — Ending time of day when a method can be called. If there is a time in the Allowed From field, but no value in the Allowed To field, the system defaults to midnight.

Any changes made here will be applied the next time the user logs into the system. If the user is currently logged in, access does not change.

2. Click Save.

Parent Topic

Maintaining System Parameters