<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>PSAUTHWS on psLens</title><link>https://pslens.com/tags/psauthws/</link><description>Recent content in PSAUTHWS on psLens</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 07 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://pslens.com/tags/psauthws/index.xml" rel="self" type="application/rss+xml"/><item><title>Which Service Operations Can Half Your Users Call?</title><link>https://pslens.com/blog/service-operations-exposed-to-most-users/</link><pubDate>Tue, 07 Jul 2026 00:00:00 +0000</pubDate><guid>https://pslens.com/blog/service-operations-exposed-to-most-users/</guid><description>&lt;p&gt;Ask a PeopleSoft security administrator &amp;ldquo;who can call this web service?&amp;rdquo; and you will usually get a pause. There is no delivered screen that ranks service operations by how many users can reach them. The grant is buried one level below where anyone looks: a service operation is authorized to a &lt;em&gt;permission list&lt;/em&gt;, and permission lists ride &lt;em&gt;roles&lt;/em&gt; out to users. A single broadly-held role can quietly put a data-moving web service in reach of hundreds of accounts that have no business calling it.&lt;/p&gt;</description></item></channel></rss>