Managing user permissions and security

You manage user permissions and security through the Security menu option in the Infor OS application.

This option is available to the user who has one of these security roles:

  • IFSApplicationAdmin
  • DataAdministrator
  • UserAdmin
  • Infor-SystemAdministrator
  • IFS-PasswordAdmin
  • IFS-ReadOnlyUser

To access Security:

  1. Click the Application Menu.
  2. From Applications, select the Infor OS application.
  3. Select the Security tab.

The Security option provides the capability for Infor OS applications to manage users. The users for the Infor OS applications are first created within Security. The user information is then replicated across the different Infor OS applications.

The Security option has the concepts of users, security roles, distribution groups, accounting entities, and locations.

Security has these menu options:

  • Manage
  • Configure
  • Security Administration
  • Metadata
  • Auditing and Monitoring

This table shows the descriptions of each menu option:

Option Description
Manage > Users Used to view and manage users. These actions are available:
  • Adding users
  • Deleting users
  • Importing and exporting users
  • Assigning and unassigning these attributes:
    • Security roles
    • Accounting entities
    • Locations
    • Distribution groups
    • Custom properties
    • ERP Person IDs
    • Client access (access can be revoked)
  • Resetting passwords
  • Viewing user activity
  • Exporting all users
  • Activating users (this option is displayed only when Create Users in Draft Status is enabled)
  • Searching users by using Simple or Advanced Search
Manage > Client Access Used to view and manage clients that users have used to access Infor OS Portal. These actions are available:
  • Revoking client access
  • Searching for clients
Manage > Service Accounts Used to view and manage accounts that have been created to allow applications a resource owner grant to contact the Infor Authorization Service to obtain a token for use in making API requests.
Manage > ERP Person IDs Used to view and manage the ERP person IDs that have been added to your users.
Manage > Contacts Used to view and manage contacts. These actions are available:
  • Adding contacts
  • Deleting contacts
  • Assigning contacts to contact groups
Manage > Contact Groups Used to view and manage contact groups. These actions are available:
  • Adding contact groups
  • Importing and exporting contact groups
  • Deleting contact groups
  • Assigning contacts to contact groups
Manage > Groups Used to view and manage groups. These actions are available:
  • Adding groups
  • Importing and exporting groups
  • Deleting groups
  • Assigning users to groups
Configure > Master Data > Types > Security Roles Used to view and configure security roles. These actions are available:
  • Adding security roles
  • Importing and exporting security roles
  • Deleting security roles
  • Assigning users to security roles
  • Assigning documents to security roles
Configure > Master Data > Accounting Entities Used to view and configure accounting entities. For example, you can assign users to accounting entities.
Configure > Master Data > Types > Locations Used to view and configure locations. For example, you can assign users to locations.
Configure > Document Authorizations Used to view and configure document authorizations including assigning security roles to documents.
Security Administration > Federated Security Used to view and configure federated security settings including federated single sign on (SSO) using SAML.
Security Administration > Service Provider Used to view and configure service provider settings if your tenant has been configured with service provider options.
Security Administration > Domain Security Used to view and configure an Allowed or Blocked domain list.
Security Administration > Authentication URL Options Used to view and configure the authentication mode. Lists URLs that you can use to access your system with different authentication methods.
Security Administration > ION-Person ID Used to view and configure the default setting for ION Person ID.
Security Administration > Session Configuration Time-out: Used to view and configure the default idle session time-out.

Concurrent Sessions: Used to configure the number of concurrent sessions allowed.
Security Administration > Settings > General Settings Used to view and configure other general settings:
  • Trusted Domains
  • Change Icon
  • Email Settings
  • System Use Notification Settings
  • Manage Features
    • Enable IFS Audit
    • Enable SCIM Service
  • Account Creation Status
    • Create Users In Draft Status
  • Application Specific Settings
    • Do not auto-generate User Alias while creating users
    • Do not auto-generate LN User while creating users
      Note: The check box is displayed only when the Infor LN application is provisioned.
Security Administration > Settings > Infor OS Portal Configuration: Used to view and configure users who can sign in using Infor Cloud Identities.

Password Management: Used to view and configure password strength and complexity requirements for Infor Cloud Identities.
Metadata > User Properties Used to view and configure options for user properties.