Page-level Access by Role on Intranets

If you have pages on your intranet that should only be accessible by a subset of people, Stanford Sites Intranet supports protecting pages to groups of users by role. You may use the built-in roles on your intranet for controlling access (Faculty, Staff, Student) or you may request custom roles to meet your needs.

The following guide outlines how to request new roles, how to grant those roles to users on your site, how to set access for individual pages, and other security considerations.

This guide is designed for Site Managers. Site Editors and Contributors are not able to control access to pages or request roles.

Requesting custom roles

To request a new role or roles:

1. Come up with meaningful names for each of your roles. Some common examples include "Managers," "Leadership," etc. Whatever you pick should be well-understood by anyone with site editing access or responsible for technical support.
2. Send your request to SWS via ServiceNow.

Granting user roles

Once you have a custom role defined on your site, you can grant that role using the same methods used for granting editing access, which is documented elsewhere in this guide.

• You can grant the role to an individual user.
• You can use workgroups to map roles to users

Please note two important points that could impact the security of your protected pages:

• User roles are not removed if the user is removed from the workgroup. You will need to remove the role manually.
• The workgroup admins will also be granted the role (if they have access to your intranet.)

Protecting an individual page

Once you have set up custom roles on your site, you can use them to protect the page to a smaller group. To do this, go to the Publishing information tab and select what role(s) should have access. In this example, the page would only be accessible to users with the SWS Managers role.

Make sure to Save.

Considerations

Granting a role will not grant a user access to the intranet. 

Pages that are protected will only appear in on-site search or the menu for the users who have access to these pages. On-site search will

The original page creator will continue to have access to the page they created, even if they do not have one of the roles specified for access. To change this, you can navigate to the Authoring information tab and change the Authored by information to Anonymous.