Table of contents

Official Content

A GeneXus Access Manager (GAM) user can have many Roles associated and one Main Role.

The Main Role of a user is used to take the Security Policy of this role when the user has no security policy associated to him. See Security Policies for more details on this topic.

Programmatically, you can set the main role of a user, by the SetMainRoleById method of GAMUser object.

&isOK = &GAMUser.SetMainRoleById(&Id, &Errors) //&Errors is collection of GAMError, &Id is GAMKeyNumLong data type

The way to get the main role of a user is by the DefaultRoleId property of GAMUser object:

&Id = &GAMUser.DefaultRoleId //&Id is GAMKeyNumLong data type

In order to set a role as the main role of a user using GAM Backoffice click "Set as Main" in the list of roles of the user (as shown in figure 1).

Main Role - V 18 - GAM - editing

Figure 1.


When defining a new permission in the Knowledge Base (editing the Permission Prefix Property of any object), this permission is assigned to the Main Role of administrator user (see Administrator User Name property). This is in order to facilitate prototyping, and it is another purpose of the main role.

Last update: November 2023 | © GeneXus. All rights reserved. GeneXus Powered by Globant