Note: Dynamic Access Control offers a more robust way to secure users in Vault. We recommend using Dynamic Access Control on the User object instead of Hide User Information.
Many organizations need to prevent external or cross-domain users from viewing names and identifying details of other users. With Hide User Information, users will not see the name or other identifying details of any Vault user that does not share the same email domain. Note that this is based on the user’s email address domain, not the Vault user name domain. They also will not be able to delegate access to their Vault. The user will be able to see their own information throughout Vault.
For example, VeePharm has an external group (Medi-Review, Inc.) that is responsible for medical and legal review on their promotional materials. To prevent Medi-Review users from seeing information on VeePharm users, VeePharm Admins assign all Medi-Review users to a security profile without the View User Information permission. When Tracy (email@example.com) logs in and looks at an annotation that Gladys (firstname.lastname@example.org), she sees the annotation author as “Vault User,” rather than seeing Gladys’s name and information.
User Information Masking
The table below lists common user information and how it displays for users without the View User Information permission.
|Value||With View User Information Permission||Without View User Information Permission|
|Display Name||Gladys Dunford||Vault User|
This masking is configurable and translatable, and it may appear differently in your Vault.
The following list includes some of the areas where user information is masked. Note that this list does not include all areas where user information appears, but all user information is hidden from users without the View User Information permission.
- Annotations and document-level comments
- Email and Vault Home notifications
- Objects and documents with user-related object reference fields
- Workflow reports
Note that user information is not masked in Admin > Configuration, or in CSV exports from Business Admin > Objects > Users. Users with access to these areas should have the View User Information permission.
User Access Limits
The following functions and areas of the application are unavailable to users without the View User Information permission:
- Timeline View (from Doc Info page or object record details page)
- Lifecycle Stage Chevron panel (from Doc Info page or object record details page)
- Delegate Access (from the User Profile page)
- Sharing Settings (from Actions menu or Doc Info Fields panel)
- Edit Sharing Settings actions (from bulk document actions)
- Search and filters related to user information (from Search, Advanced Search, Library and custom tabs)
Vault hides these areas instead of masking the user information.