When is proxy user information used?

Proxy users as the "user of record"

Some of the actions that a user can execute in PolicyCenter require the user's name to be recorded in the database. For example:

When an object (such as an activity or a note) is created, the user who created it is stored in the object's CreateUser field.
When an object (such as an activity or a note) is modified, the user who modified it is stored in the object's UpdateUser field.

Actions that require a "user of record" can be triggered by system API calls. When the system API call is triggered by an internal user, the internal user is noted as the user of record. When the system API call is triggered by an external user or service, the proxy user is noted as the user of record.

Proxy users and system permissions

A system API call may trigger a check to see if the caller has a specific system permission. When this occurs, PolicyCenter

checks to see if the proxy user has a user role that includes the system permission.

If the proxy user has the permission, processing continues as normal.
If the proxy user does not have the permission, the action is prevented.

For more information on roles and permissions, refer to the Application Guide.

Proxy users and authority limits

A system API call may trigger a check to see if the caller has sufficient financial authority to execute a given action. When this occurs, PolicyCenter checks to see if the proxy user has an authority limit profile with the corresponding authority limit set to a sufficiently high amount.

If the proxy user has a sufficiently high authority limit, processing continues as normal.
If the proxy user does not have a sufficiently high authority limit, processing is suspended. PolicyCenter automatically creates an approval activity and assigns it to the appropriate user. If the activity is approved, processing for the underlying transaction continues.

For more information on authority limits, refer to the Application Guide.