Specialized Administration > Ensuring Data Security > Security Labels and Agreements > Agreements > Creating Agreements
  
Creating Agreements
Agreements can be created from the Agreements page. To create an agreement, you must be a member of the agreement managers group and have the appropriate permissions to create an agreement. For more information, see Out-Of-The-Box Access Control Rules.
* 
In addition to being a part of the Agreement Manager group, you will also require at least one of the following license profiles to be able to create an agreement:
IP Protection License Profile
PTC Windchill Advanced License
PTC Windchill Premium License
The New Agreement action divides creating agreements into the following steps:
1. Set Attributes
Provide the attributes of the agreement you are creating. Fields marked with an asterisk (*) are required. For more information, see Agreement Attributes.
* 
If your site has only one agreement type defined, this value is automatically assigned. For more information about the agreement type and subtypes, see Agreement Type and SubTypes.
2. Select Authorized Contexts
* 
This wizard step appears only if you selected the Type attribute value in the first wizard step as ContextBasedAgreement or any subtype of it.
Using this step, you can add multiple contexts to a context-based agreement. This gives you the flexibility to authorize multiple contexts from a single agreement. As you cannot add higher-level contexts, create your context-based agreement at a level where you can include one or more contexts as required.
From the Select Authorized Contexts wizard, you can add or remove contexts for your agreement by using the actions available in the Authorized Contexts table.
To add contexts to your agreement, click . The Find Contexts window lists all the contexts for which you have Read permission.
* 
You can add only the current context and the child contexts of your current context. It is mandatory to add at least one context.
To add the current context in the Authorized Contexts table, click .
To remove contexts from the Authorized Contexts table, select the check box corresponding to the context you want to remove and click .
3. Select Authorized Security Label Values
* 
This step is only available if it has been configured for your site.
Authorize only the selected security label values. By default, all security label values associated with a specific agreement type are authorized when an agreement of that type is created. Using this step, you can change which security label values apply to a particular agreement.
Each security label that has values associated with the selected agreement type is listed in the Select Authorized Security Label Values step. Security label values listed under the Authorize drop-down list are security labels that restrict access for some users. Security label values listed under Unrestricted Values are not configured to restrict access from any user and are commonly used as an informational marking.
To clear access for all current and future configured security label values for the selected agreement type, select All Applicable Values from the drop-down list for a standard security label or All Values from the drop-down list for a custom security label.
To clear access for only certain configured security label values for the selected agreement type, select Selected Values from the drop-down list for a standard security label and then choose specific values to be authorized. Values that cannot be selected restrict user access, but have not been configured for this agreement type.
To prevent clearance for the configured security label values, select No Values from the drop-down list for a standard or custom security label.
* 
Because agreements associated with custom security labels apply to all values of the custom label, you can only authorize all label values or no label values for the custom security label.
For more information, see Authorized Security Label Values.
4. Select Life Cycle States
Only authorize the objects in the selected life cycle states. By default, objects in all life cycle states are authorized, including future states. To select specific states, deselect the Authorize objects in all life cycle states checkbox and use the Authorized Life Cycle States list to specify at least one life cycle state in which a participant is granted temporary clearance to the authorized objects.
5. Select Authorized Objects
* 
If your site uses context-based agreements and you selected that type when setting the agreement attributes, the Authorized Objects step does not appear because all objects in the current context are authorized. If you switch to the context-based agreement type after specifying authorized objects already, the objects are removed from the agreement when you change the agreement type. For more information, see About Agreements.
Search for objects within the scope of the agreement using find object or, if you have copied objects to the clipboard, select the objects you want to include in the authorized object list using paste . Zero or more objects can be selected at creation. By customizing the view of this table, you can also add columns to display security label values corresponding to the authorized objects listed in the table.
After objects have been added to the table, you can search for related objects using the collection picker or remove objects from the table using remove selected objects . Objects selected using the Collection Picker can be outside the scope of the agreement, but they are not accessible through the agreement unless they are moved within the scope of the agreement.
After adding authorized objects to the table, you can edit authorized revisions for individual versioned objects using the row-level action or groups of versioned objects using the table-level action.
Some objects are not security-labeled. Objects that cannot have a security label cannot be added to the Authorized Objects table. For more information about which objects can have security labels, see Object Types Exposing Security Labels.
For more information, see Authorized Objects Table.
6. Select Authorized Related Changes
Determine which change object types should be authorized through the agreement. If any authorized object has a related change object of the specified type, authorized participants of the agreement are able to access the related change object.
By default, the Do not authorize access to any related change types checkbox is selected and no types are authorized. To authorize specific change types, use the following procedure:
a. Clear the Do not authorize access to any related change types checkbox.
b. Click the Find button.
The Find Type window opens.
c. Select at least one change object type from the list of available object types and click OK.
The selected type is added to the Authorized Types list.
* 
Adding a change notice to the list of authorized related change types will also add change tasks.
To remove a type from the list of Authorized Types, click the Find button and uncheck the types you want to remove. At least one authorized type must be specified or the Do not authorize access to any related change types checkbox must be checked.
For more information, see Authorized Related Change Objects.
7. Select Authorized Participants
Participants can be added to the Authorized Participants table using find participant . Select participants (users, groups, or organizations) from the Find Participant window. The search is not limited to the context in which the agreement resides. Any user, group, or organization can be added to an agreement.
* 
If the Restricted Directory Search checkbox is not selected when the organization is created or edited, searching for participants (users, user-defined groups, or organizations) in other organizations is only allowed if the agreement manager has Read permission for the participant object. For more information about specifying permissions, see About Policy Administrator.
Participants can be removed from the Authorized Participants table using remove participants . Zero or more participants can be selected at creation. There is no limit to the number of participants that can be associated with an agreement.
For more information, see Authorized Participants Table.
8. Specify Authorization Document
You can associate an authorization document (or contract) with an agreement. To associate the document with an agreement, it must exist in Windchill and be either of the Document type or of a subtype of Document. Only the specified version of the authorization document is associated with the agreement. The document does not need to be within the same context as the agreement. Each agreement can have zero or one authorization documents.
* 
If you have a document that does not exist in Windchill, you can use the description attribute available in the Set Attributes step to reference the location of the document outside of Windchill.