Since the access authorizations can be defined in 3 ways (access profile, personal access profile and access exceptions), and within one way the same network element can also occur several times, it is important to define a clear priority, in case it's the same element that occurs twice, or multiple, definitions overlapping in time, with a different definition (allow access / deny access).

Below the priorities are being visualized at an equal definition of access at the same element.

In case of doubt you can also always consult the report which provides an overview of the access authorizations of a person within a certain period.

Priority within the same level:

Within the same level one could also define overlapping definitions on the same network elements (for example 2 access profiles in "global access profiles" which contain the same network element overlapping in time). This is only important in case these overlaps have an opposite definition of access (namely allow access / deny access). In this case the definition with "deny access" always has the priority.

Priority between 3 ways of defining:

Priorities from high to low:

•Access exceptions

•Personal access profiles

•Global access profiles

This means that an access authorization in "Access exceptions" overwrites all other definitions (in case there are any overlaps), even if they would explicitly deny access at a lower priority.

Definitions in "Personal access profiles" overwrite all other definitions (in case there are any overlaps) in "Global access profiles", even if they would explicitly deny access at a lower priority on a specific network element.