Creating a UDOC to Add a New User
This job aid describes steps for creating a UDOC to Add a New User to CORE.
To create a UDOC to Add a New User to CORE, you will want to follow the steps below:
Have a completed and signed Statement of Agreement (SOA). If applicable, also have a completed and signed CORE Vendor Entry Background Verification (CVEBV) form. These will be attached to the UDOC before you submit it for approval.
From the CORE search bar type UDOC and select UDOC User Maintenance (Financial).
3. Click the Create button in the upper right corner.
4. This will open a new Create Transaction window, and you will be on the Header tab of the UDOC.
5. Enter a Transaction Department (this is the user’s Home Department).
6. Enter a Transaction ID following the naming convention userIDyyymmdd (the CORE user ID followed by the current year, month, and day). In the example below the UDOC was created on 07/19/2023 for a.weasley
a. Note: Transaction IDs are limited to 20 characters. Truncate user IDs as needed to meet the 20-character limit.
7. Click the Continue button in the upper right hand corner.
8. Enter the User ID following the naming convention of the first initial of first name, period, and last name. The User ID should be entered with all lowercase and NO special characters. In the example below a.weasley is used for Arthur Weasley.
9. In the Directory Information section, enter:
Last Name
First Name
Locality (Employee ID)
Email Address
Phone Number
Extension, if applicable
10. In the Home Organization section, enter the user's Home Department in the Department field. You may use the Division field as an optional data entry field to pre-assign a valid Department Code.
Note: The UDOC Validation step will not warn you if the Division code you have entered is not valid for the user’s department. An invalid code may prevent that user from creating financial transactions they are otherwise authorized to create. CORE Operations advises Controllers and Security Administrators who wish to use the UDOC Division field to take extreme care that only valid Division Code values are used.
11. In the Account Options section,
Locked Out equals Active
Bad Logins Count equals 0.
Bad Password Reset Count equals 0.
12. In the Password Maintenance section check all three boxes:
Reset Password
Generate New Password
Expire New Password
13. In the Applications section check both boxes:
ADVANTAGE Financial
PASSWORD RESET
14. If PB Access is required (including Reporting):
In addition to the items in step 13, select the ADVANTAGE Performance Budgeting box on the Applications section of the Header.
Select Insert Comment.
Select the (+) add button
Enter PB Access in the Subject field
Explicitly state PB Access Approved and list all Security Orgs (e.g. PUBLIC, F, APPS-F, FUNDS-F) or use another active User ID to mirror access in the Comment field.
Add security role D_SW_UDOC_PBACC to the Security Roles tab
To enable Reporting, under the Header tab, make sure that the User ID is populated on the Header of the UDOC in the Reporting User Information (Needed for PB Reporting) section.
Note: As a best practice, comments should be added to a UDOC before it reaches the status of “Final”. CORE Operations will receive an automatic email notification from CORE when the PB Approval security role, D_SW_UDOC_PBACC, has been “Add”ed or “Update”d and additional security roles are “Add”ed on a user’s UDOC and it reaches the Final phase.
15. In the Dual Factor Authentication section enter:
Registered email
Registered phone (REQUIRED - cell phone with SMS text messaging enabled)
16. Attach the SOA and CVEBV if applicable:
a. Click on the Attachments link on the right-hand side of the page
b. This opens a new page for Attachments, using the Browse and Drop links select and attach the required documents. Click Upload.
17. Click the Save button in the upper right corner.
18. Click on the Security Roles tab.
19. To add a role click on the “+” (insert new line) button.
Note: The Add radio button will automatically be marked
20. On the new line click on the Search and Select Security Role ID button.
21. Select the ANY role and click OK
22. Enter a unique Precedence number. As a general rule of thumb, the Precedence value for
the new line is one (1) more from the last record starting at 1 and adding sequentially.
IMPORTANT Precedence levels must be unique and you should never re-use a precedence number from an old security role, even if the security role has been deleted from the UDOC. The transaction will not throw an error when validating, but the final approver of the UDOC will not be able to approve if precedence levels are repeated.
23. Then add any subsequent rows as required until all new security roles are added, repeating steps 19-22.
24. Click the Save button.
25. To add Foreign Org access, select the D_SW_UDOC_FORG security role, following steps 19-20 outlined above. Then, select Insert Comment, and enter the following in the comment:
Enter Foreign Org in the Subject Field
NOTE: The subject must clearly indicate the purpose of the foreign organization access.
Explicitly list all departments (e.g., AAA, AABA, AAEA, etc.) or use cabinet code and wildcard to indicate entire cabinet access (e.g., A*, C***, E*, etc.) in the comment field.
26. To add PB Access, select the D_SW_UDOC_PBACC security role, following steps 19-20 outlined above. Then, select Insert Comment, and enter the following in the comment:
Enter PB Access Approved in the Subject Field
Explicitly list all Security Orgs (e.g., PUBLIC, F.APP-F, FUNDS-F, etc.) or list the User ID of another active PB user from whom to mirror access in the comment field.
27. Click on the Business Roles tab
28. To add a new Business Role, click the “+” (insert new line) button
Note: The Add radio button will automatically be marked.
29. On the new line click on the Search and Business Role ID button.
30. Search and select the appropriate Business Role from the list and select OK
31. Click the Save button.
32. Repeat steps 28 -31 for any additional Business Roles.
33. Click the Validate button in the upper right-hand corner.
34. Correct any errors.
35. Submit the transaction from the Submit button in the upper right-hand corner.
NOTE: Users requesting access to the PB Application must receive authorization from the Controller(s) of the requested department(s). The approval to grant foreign organization access must be indicated by a comment by said Controller(s) on the UDOC listing authorized Security organizations and groups.
After requesting CORE PB Access, you will want to allow 2 to 5 business days for the System Administrator to process your request. (Note: Even if System Administration processes your PB Access on the same day that it was requested, you will still need to wait for the nightly cycle to process for your access to be active).
If it has been more than 5 business days and you’re having an issue accessing the PB Application, please email the CORE Help Desk (core.help@state.co.us) for further help. Please be sure to include the CORE User ID, department code, transaction type, and a brief explanation of what you are trying to do (enter, approve, modify, etc.).