Security & Access

This information is designed for business transactional users and does not impact employee and manager self-service access. Manager Self Service & Employee Self Service access and roles are automatically provisioned when an employee is hired (ESS) or placed in a position with a “reports to” (MSS) and no additional request is required.

The UCPath Center defined over 500 UCPath Security Roles that locations may assign to their UCPath transactional users to allow them to perform their job duties and operational responsibilities. Based on the UCSC organizational structure and existing campus business processes, the majority of these roles will only reside in campus central offices (e.g. Staff HR, Financial Affairs, and Academic HR Representative in Academic Divisions). There are a few roles that will be provisioned to campus divisions or units to support financial processing and/or additional campus support services.

UCPath Security consists of two components:

1. Security Roles: “What pages/screens do I have access to?” (i.e. what can I do)
   
2. Row-Level Security (RLS): “Which departments do I have access to add/maintain/view data for?” (i.e who can I see)
   

Authentication and authorization to UCPath uses UCSC Single Sign-on (SSO) and are handled within UCSC ITS by Identity & Access Management. A CruzID and gold password are required to access UCPath.

Here is the process to gain transactional access to UCPath

1. Unit or Division - Submit UCPath Access Form that includes the appropriate authorized signatures.
   • Divisional Role Descriptions
   • UCPath Departments & Department Security Tree
   • If you have questions on who can sign the form, please refer to the UCPath DAG Approvers
2. UCPath ITS - Processes the form and will register the new user for required web-based trainings.
   • The new user will receive an email from the UC Learning Center with a link to the required courses for them to complete. The user might also see recommended courses and they have the option to complete those.
   • In addition, the user will receive instructions from UCPath ITS for required instructor-led training, if applicable.
3. New User - Must require web-based and/or instructor-led training prior to gaining access to UCPath.
   • New user must also sign the Access to Information Statement
4. UCPath ITS - Once training has been completed and verified, UCPath ITS will update access to UCPath and will notify the new user via email.

If you should have any questions about this process, please contact ucpathhelp@ucsc.edu