Predefined Permission Sets¶
Predefined Platform permission sets are created upon installation of IFS Cloud. These should not be modified, but rather, new custom roles can be created as necessary to grant Application functionality and objects. It is recommended to use functional roles and end user roles in a hierarchy. See section below for more information.
| Permission Set | Description |
|---|---|
| FND_WEBRUNTIME | Role needed for a user to logon to IFS Aurena. |
| FND_WEBENDUSER_MAIN | Role that contains framework functionality for IFS Aurena for a user. FND_WEBRUNTIME is granted this role. This role is a basic end user role for all IFS Aurena main users. |
| FND_WEBENDUSER_B2B | Role that contains framework functionality for IFS Aurena for a Business to Business (B2B) user. FND_WEBRUNTIME is granted this role. This role is a basic end user role for all IFS Aurena B2B users. |
| FND_ADMIN | Role needed for a user to be an administrator of IFS Platform. FND_WEBENDUSER_MAIN, FND_WEBENDUSER_B2B and FND_CUSTOMIZE are granted to this role. |
| FND_PRINTSERVER | Role needed for a user to run IFS Print Agent. |
| FND_CONNECT | Role needed for a user to run IFS Connect framework. |
| FND_ANONYMOUS | Role needed for a user to use Anonymous Gateway. Granted activity AnonymousAccess. Used by predefined user IFSANONYMOUS. |
| FND_DEVELOPER | This role is for users that are developing IFS Applications. It gives rights to for instance debugging and analyzing functionality. Developers using IFS Developer Studio also need this role. |
| FND_CUSTOMIZE | Role needed for customizing clients. |
| FNDMIG_EXCEL_ADMIN | Grants the user access to use the IFS Data Migration Excel Addin. |
| MOBILE_APP_ADMIN | Role needed for a user to be an administrator of IFS Cloud Mobile. FND_RUNTIME is granted to this role. |
| MOBILE_APP_RUNTIME | Role needed for a mobile user to logon and run a IFS Cloud Mobile app. FND_RUNTIME is granted to this role. |
| FND_MOBILE_APP_SYSTEM | Role needed for IFS Cloud System User |
| FND _MOBILE_APP_SYNC_TRACE | Role needed for IFS Cloud Mobile end user to enable synchronization traces. |
| FND_QUICK_REPORTS | Role needed for creating and publishing Quick Reports. |
| FND_MONITORING | Required grants to query application monitoring results. |
| FNDSCH_WEBSERVICE | Role needed for IFS Planning and Scheduling Optimization to broadcast messages to IFS Cloud. FND_WEBRUNTIME is granted to this role. |
| FNDSCH_RUNTIME | Role needed for IFS Planning and Scheduling Optimization Workbench users |
| FNDSCH_ADMIN | Role needed for IFS Planning and Scheduling Optimization Workbench Administrator users |
| FND_REM_ASST_ADMIN | Required grants of all the RA admin projections and Actions |
| FND_REM_ASST_ENDUSER | Required grants of all the enduser related Projections and Actions |
| FND_REM_ASST_SERVICE | Required grants of RA service user |
| FND_SCIM_ADMIN | Role used for handling SCIM container requests |
| FND_DSS_ASST_ADMIN | Required grants of all the Digital Signature admin Actions |
| FND_DSS_ASST_ENDUSER | Required grants of all the enduser related Actions for Digital Signature |
| FND_DSS_ASST_SERVICE | Required grants of Digital Signature service user |
| FND_DCAT_ADMIN | Required grants for Data Catalog admin user |
| FND_DCAT_USER | Required grants for Data Catalog user |
| FND_SYNC | Required grants for Data Synchronization service user |
| FND_SYNCADMIN | Required grants for Data Synchronization admin user |
| FND_CLOUD_DMM | Role needed for data migration manager admin actions. |
| CUSTOM_OBJECTS_ADMIN | Required grants for administration of Configuration Items |
Several of the roles above include component specific sub roles, like FND_ADMIN_FNDMIG, FND_ADMIN_FNDSCH are included in FND_ADMIN, FND_DEVELOPER_FNDDEV is included in FND_DEVELOPER, etc. These are functional roles and should normally not be granted to any other role or user then their master role, i.e. to FND_ADMIN and FND_DEVELOPER.
The following predefined permission sets are obsolete and will no longer contain predefined grants or grant methods delivered with an installation of IFS Applications:
IFS_ADMIN, IFS_APPLICATION, IFS_CONNECT, IFSAPP_NORMAL, FND_MOBILE_ADMIN, FND_MOBILE_RUNTIME, FND_NORMAL, FND_ENDUSER and FND_RUNTIME
Environments upgraded from previous IFS Cloud will still contain these roles and grants. We recommend cleaning up these obsolete roles/grants to avoid confusion.
Note :The permission set SDT_CLOUD_FULL, STD_CLOUD_MIG_FULL, DMM_CLOUD_MIG_FULL are obsolete new permission set FND_CLOUD_DMM and DMM_CLOUD_FULL have been introduced. view
Links¶
Read about how to