This portal provides an open platform for user feedback and product change requests. Anyone can add an idea and remain as a Guest, but please consider signing up so that others can see who has created the ideas!
Note: this is a public facing web portal, any text here can be viewed by anyone over the internet, so please consider carefully the content you wish to share and please do not post anything of a sensitive nature.
Would it be possible to add a field for “Authorising manager” when adding new users? Ideally, we would be able to amend existing users to populate this field too.
We require this information to be present for audit purposes, so that we can always demonstrate that a user was correctly authorised to access YHCR.
The field could simply be for text, of a reasonable length to accommodate a name.
| As a | Systems Support Analyst |
| I would like | A field to record who has authorised the user to access the YHCR |
| So that | We can always demonstrate that a user was correctly authorised to access YHCR. |
| User contact | James.walsh@york.gov.uk |
Thanks for raising this, @Guest.
A separate request has been made for us to review our auditing capabilities in the admin portal to ensure we can easily report on information like this. Our user researcher is undertaking this investigation and will feedback the proposal to partners in our weekly workshop.
Our recommendation would be to limit portal admin access to a trusted few. It limits the scope of who might have performed the action and, coupled with the changes in audit logging that we will implement, should make investigations simpler.
I'm going to mark this idea as 'Will not implement'. That isn't to say we won't resolve the problem you've presented, we will just do it via the audit logs instead.
Let me know if you have any other questions or ideas.