Infor Federation Services security roles

IFSApplicationAdmin

IFSApplicationAdmin is the administrator role for security. This role is added to every administrator that is provisioned to a tenant. Users assigned to this role have full permission to all the screens in Security.

Users cannot remove this role from their own user details.

Users with this role can manage users, contact groups, and distribution groups. They can revoke client access and manage service accounts and SCIM accounts. They can manage security roles, accounting entities, locations, and custom master data types. They also have access to the Document Authorization page, which allows them to view document types and assign document types to security roles.

DataAdministrator

Users who have this role can see the Security menu item under the profile menu.

DataAdministrator is a security role that allows users to manage security roles, accounting entities, locations, and custom master data types. Users with this role also have access to the Document Authorization page, which allows them to view document types and assign document types to security roles.

Users with this role have access to these menu items and all the functionality in each menu item:

  • Configure > Master Data Types > Security Roles
  • Configure > Master Data Types > Accounting Entities
  • Configure > Master Data Types > Locations
  • Configure > Master Data Types > (any custom Master Data Types)
  • Configure > Document Authorizations
  • Metadata > User Properties
  • Metadata > Custom Master Data Type

IFSAdminContact

This is an IFS role that includes the user to notification emails as an administrative contact.

IFS-AuditAdministrator

Users with this role can configure audit report settings and can also view audit reports.

IFS-AuditReportUser

Users with this role can see the audit event search menu options and can perform audit event searches.

IFS-MonitorAdministrator

Users with this role can configure monitoring report settings and can see the monitoring search menu option.

IFS-MonitorReportUser

Users with this role can see the monitoring search screen and can perform monitoring event searches.

IFS- PasswordAdmin

IFS administrators who have this security role can manage passwords for all users.

IFS-EEPasswordAdmin

Administrators with this security role can manage external passwords for users.

IFS-ExternalEntity Admin

Administrators with this role can manage external entities and external users.

IFS-UserAdmin

Users who have this role can see the Security menu item under the profile menu.

UserAdmin is a security role that allows users to manage users, the ERP person identifier, contact groups, and distribution groups. Users with this role can revoke client access, manage service accounts, and SCIM accounts.

Users with this role have access to these menu items and all the functionality in each menu item:

  • Manage > Users
  • Manage > Client Access
  • Manage > Service Accounts
  • Manage > SCIM Accounts
  • Manage > ERP Person IDs
  • Manage > Contacts
  • Manage > Contact Groups
  • Manage > Groups (previously named Distribution Groups)

IFS-ReadOnlyUser

Users who have this role can see the Security menu item under the profile menu.

IFS-ReadOnlyUser is a security role that allows users to have a read-only view of users. Users with this role cannot edit or delete users.

Users with this role have read-only access to the Manage > Users menu item.

IFS-ReadOnly

Users who have this role can see the User Management menu item under the profile menu.

IFS-ReadOnly is a user management role that allows users to have a read-only view of any page under the User Management > Manage menu item. Users can export any file but cannot make edits to the pages.

If IFS-ReadOnly is the only role intended for the user in IFS, you must also assign the user the IFS-ShowUserManagementUI role.

Infor-SystemAdministrator

The Infor-SystemAdministrator is a system-wide role that applies to all Infor applications. Each user who is assigned to this role is considered as the administrator for every application that is in the system and, therefore, has access to all the applications, including Security and Admin Settings.

Users cannot remove this role from their own user details.