Exclusive Permissions
  • 07 Mar 2025
  • 2 minute read
  • Dark
    Light
  • PDF

Exclusive Permissions

  • Dark
    Light
  • PDF

Article summary

Exclusive permissions are database-wide, administrator permissions.

The name “exclusive” refers to the fact that these permissions cannot be inherited (as through a role), and must be granted to users explicitly.

When you create a new user, you can grant them exclusive permissions in the Roles tab.

You can create custom exclusive permissions. Custom exclusive permissions appear alongside other, non-exclusive custom permissions in the Permissions tab.

Administrative database banner

When a user is granted this permission, they see the text assigned to the Banner for Administrative Pages configuration key. Editing the banner text through the configuration key requires the Security Administrator permission.

This banner appears at the top of all pages in the database.

Tip ✨

Use this banner as a label for the entire database: Undergraduate, Graduate, Advancement, and so on. If you have administrators who work in more than one database, this banner can alleviate confusion as to which one they’re working in. At the same time, those who work solely in the database don’t have to see it.

📖 Further reading: Configuration keys

All realms

When a realm is associated with an object, only those users with both the appropriate permissions for that object type and the realm are granted access.

If a user should have access to all objects, regardless of realm, gran them this exclusive permission. This in effect overrides the requirement to add realms to the user accounts who have the All Realms permission.

📖 Further reading: Realms

Direct SQL access

Slate supports direct, native SQL Server connections that may be used from any client that supports connections to a SQL Server. The connections provide a read-only interface into your Slate database.

📖 Further reading: Direct SQL access

Payment gateway setup

Grants access to configure Slate Payments.

A user with this permission can enter bank account data to route payments to a destination account. To help audit this process, an email is automatically sent to all users with the Security Administrator exclusive permission whenever a new destination bank account is added.

📖 Further reading: Slate Payments

Security administrator

At least one user in every database must have the Security Administrator permission. It is intended for users who monitor database security. We recommend assigning this permission to two or three users.

Until one or more users have been assigned as a Security Administrator, Technolutions sends reminders to assign the permission to a user or users to all Slate Admins. This lets a select group of staff members receive notifications for security events or user account adjustments. The user or users assigned the Security Administrator permission then become the primary contacts for all security communications from Technolutions.

Responsibilities

Security administrators:

  • Manage Slate users: Add, update, and deactivate user accounts

  • Monitor Slate usage: Monitor the access logs and user login history through the Security Dashboard. Security Administrators should also audit existing user accounts to determine if and when users should be deactivated

  • Monitor login notifications and checkpoints: When a user attempts to sign in from an unrecognized location, Security Administrators receive a notification to either approve or deny the login attempt

📖 Further reading: Checkpoints, Login Notifications, and Account Blocking (article requires login)

SFTP access

Creates SFTP credentials to log in, download, and upload files within the specified directories within your institution's Technolutions-provided SFTP server.

📖 Further reading: SFTP access

SSN Unmask

Grants permission to:

  • unmask the Social Security Number field on the person record

  • select the SSN export in person-based queries

Unmasking SSN on the person record

Support ticket submit

You can grant up to three users the permission to submit support desk tickets to Technolutions. To ensure that tickets are submitted and ranked according to your institution’s priorities, rather than by many individual priorities, this exclusive permission should be reserved for Slate Admins.

📖 Further reading: Support desk guidelines


Was this article helpful?