Managing User Security Policies in Align
Security policies control various session and security settings for Vault CRM users, including Customer SSO policies, password expiration durations, and more. While Vault CRM provides standard security policies used by default, custom security policies can be created in Vault CRM, imported into Align, and assigned to the appropriate functional profiles or individual roster members..
Who can use this feature?
- Browser Users
- Users require an Align License
- Align Operational Users
Configuring Managing User Security Policies in Align for

To configure this feature:
-
Ensure the following features are configured:
- Navigate to Admin > Users & Groups > Permission Sets.
- Select the appropriate Permission Set.
-
Select Objects.
-
Grant the following permissions:
Object Object Permission Object Types Fields Field Permission crm_security_policy__v CRED All All Edit aln_functional_profile__v
CRED
All
crm_security_policy__v
Edit
aln_roster_member__v CRED All - crm_security_policy_override__v
- crm_imported_security_policy__v
Edit - Navigate to Admin > Configuration > Objects > aln_functional_profile__v > Layouts.
- Place the crm_security_policy__v field on the appropriate layouts.
- Navigate to Admin > Configuration > Objects > aln_roster_member__v > Layouts.
-
Place the following fields on the appropriate layouts:
- crm_security_policy_override__v
- crm_imported_security_policy__v
- Ensure the crm_security_policy_override__v field has an active outbound field mapping in the integration with Vault CRM.
Managing Security Profiles as

When the next import occurs, active security_policy__sys records import as crm_security_policy__v records with the following properties:
- name__v = The value of the name__v field from the corresponding security_policy__sys record
- status__v = active__v
- crm_security_policy_status__v = active__v
- vault_crm_record_id__v = The value of the id field from the corresponding security_policy__sys record
Assigning Security Policies to Functional Profiles
Once security_policy__sys records have imported as crm_security_policy__v records, Align operational users can assign a security policy to multiple users at once using functional profiles:
- Edit the appropriate aln_functional_profile__v record.
- Use the CRM Security Policy field to search for and select the appropriate crm_security_policy__v record.
- Select Save.
If a security policy associated with one or more functional profiles is deleted, the corresponding crm_security_policy__v record is not deleted during the next import. Instead, an error displays in the import log informing admins that the crm_security_policy__v record must first be disassociated from all functional profiles.
Manually Overriding a Roster Member's Security Policy
By default, individual roster members' associated security policy is inherited from their associated functional profile. However, Align operational users can override this functionality with a specific security policy per aln_roster_member__v record.
Roster members must be designated as Align-mastered in order to manually override their security policy.
To override a roster member's security policy:
- Edit the appropriate aln_roster_member__v record.
- Use the crm_security_policy_override__v field to search for and select the appropriate security policy.
- Select Save.