We’re experiencing a frustrating issue where updates to user role permissions in our Resource Management module are not taking effect immediately. When we modify role assignments or permission sets in the security configuration, users continue to have their old access levels for several hours.
For example, yesterday we promoted a project coordinator to project manager role, which should grant access to budget approval functions in Resource Management. The role permission update shows as successful in the security admin console, but the user still can’t access budget approval screens. We’ve verified the role assignment is correct and the permission set includes the necessary privileges.
The cache refresh interval seems to be the issue, but we can’t find where to configure this. The security sync job runs every 4 hours according to the schedule, but that’s too long for urgent permission changes. Is there a way to force an immediate refresh, or can we reduce the cache refresh interval for role permissions? This access control lag is causing operational delays when we need to adjust team member responsibilities quickly.
This is a known behavior in ICS 2022. User permission cache doesn’t refresh until either the security sync job runs or the user logs out and back in. The quickest workaround is to have the user clear their browser cache and re-login. That forces a fresh permission check against the current role configuration.
You can manually trigger the security sync job without waiting for the scheduled run. Go to System Administration > Jobs > Security Synchronization and click ‘Run Now’. This processes all pending permission changes immediately across all modules.
For the cache refresh interval, check System Configuration > Security Settings > Cache Configuration. The default is 240 minutes (4 hours), but you can reduce it to 60 minutes if you need faster permission updates. Just be aware that shorter intervals increase database load slightly as the system checks permissions more frequently.
One thing to watch out for - Resource Management has its own permission cache separate from the core security cache. Even after the security sync job runs, Resource Management might still cache role permissions for active sessions. We’ve found that having users fully close their browser (not just the tab) and reopen it ensures they get the updated permissions. Just refreshing the page isn’t always sufficient for module-level permission changes.
Cache Configuration is indeed restricted to System Administrator role. You’ll need someone with that elevated privilege to adjust the cache refresh interval. Alternatively, you can request your system admin to set up a dedicated security role that includes permission to run the sync job manually. That way HR admins can trigger immediate refreshes when needed without full system admin access.
The permission you need is ‘Execute Security Jobs’ under System Administration privileges.