Define Users and Roles
A user account is defined by a login name and password and has a set of access rights associated with it. Users access FlowForce Server for administrative purposes or as end users.
Access rights are determined by the privileges a user is granted. A user receives privileges in the following ways: (i) privileges inherited from roles the user is a member of and (ii) privileges assigned directly to the user. A role is defined by a set of privileges. A role is assigned privileges directly and/or inherits the privileges of another role that it is a member of. Privileges themselves are access rights to the various administrative functions and services of FlowForce Server. Examples of privileges are as follows: the right to override security settings, to set a user's own password, to stop any job.
Through the use of roles, user privileges can be defined in a hierarchical way. For example, the SimpleAdmin role has the Stop any job privilege. If AdvancedAdmin is a member of SimpleAdmin, AdvancedAdmin inherits the right to stop any job, regardless of the user who created this job, and could additionally be assigned the Maintain users, roles and privileges privilege. The hierarchical chain can then be further extended.
About users
A user is a person who logs on to FlowForce Server to create and monitor jobs, deploy MapForce mappings and StyleVision transformations, and configure various settings. The scope of actions available to users in FlowForce Server depends on the following:
•The permissions and privileges assigned to the users
•The permissions and privileges assigned to the roles that the users are members of
Two special users are predefined:
•The root user is the initial administrator user. By default, it has all permissions and privileges available in the system. Its initial name-password combination is root-root. The password can be changed at any time.
•The anonymous account is for anonymous users that access services exposed via the HTTP service interface (see Jobs as Web Services). It cannot be used for logging in to the Web UI, and it has no initial password.
For more information about how to create, edit, import, and delete users, see Users.
About roles
A role defines a set of privileges and permissions. It can be assigned to another role or to a user. A role's privileges automatically become the privileges of any other role or any user that the role is assigned to. A user can be assigned any number of roles. As a result, a user will have all the privileges defined in the multiple assigned roles.
Note that privileges are global, whereas permissions are defined per container.
The following roles are predefined:
•The authenticated role is automatically assigned to every user except the anonymous account.
•The all role is automatically assigned to every user including the anonymous user.
For more information about how to create, edit, import, and delete roles, see Roles.
About privileges
A privilege is an activity that a user is allowed to carry out (e.g., set a password, read users and roles, stop any job, etc.). A user can be assigned zero to all of the available privileges. It is recommended to assign privileges via roles rather than to assign privileges directly to the user. The assigning of privileges and roles to a user is done by a user that has been assigned this privilege. Initially, it is the root user that has this privilege.
Inheritance
You can assign privileges directly to a user (e.g., 
Alethia Alonso) or to a particular role (e.g., 
Marketing Manager). It is recommended to assign privileges to roles rather than to individual users, because it simplifies the maintenance and management of privileges in the long term.
You can model the hierarchy of your organization in FlowForce Server, by assigning roles to other roles. The diagram below illustrates a sample organization, for which three roles and one user have been defined. The Employees role contains a role called Marketing Department. This means that the privileges and permissions granted to the Employees role will automatically be inherited by the users belonging to the Marketing Department role.
The Marketing Department role contains the Marketing Manager role. In this case, the Marketing Manager role will inherit all the privileges from the Marketing Department and Employees roles. A user called Alethia Alonso is the marketing manager, and she has been assigned the Marketing Manager role. This implies that she will inherit all the privileges from the broader roles.
Assigning a privilege
To assign a privilege to a user or role, click a user or role of interest in the Users or Roles tab (Administration page), respectively, and select the privilege(s) you wish to assign. The available privileges are summarized in the table below.
Define execution queues | This privilege allows creating and maintaining job execution queues. This includes queues local to the job and external queues defined outside of the job. External queues are used in conjunction with distributed execution.
|
Maintain cluster | This privilege grants rights to perform actions that allow managing multiple FlowForce Server instances as a cluster. For example, a user needs this privilege to be able to convert the current service instance of FlowForce Server into a Worker. For details, see Clusters.
|
Maintain global settings | This privilege allows changing the FlowForce Server global settings (the time zone and mail server settings) on the Settings page. This is an administrative privilege and should only be granted to FlowForce Server administrators.
|
Maintain users, roles and privileges | This privilege allows adding, editing, and deleting the following data: users, roles, privileges, and passwords. This is an administrative privilege and should only be granted to FlowForce Server administrators. By default, only the root user has this privilege.
|
Override security | Users with this privilege can change container permissions without having the write permission. This allows FlowForce Server administrators to regain access to resources accidentally rendered inaccessible. This is an administrative privilege and should only be assigned to FlowForce Server administrators. By default, only the root user has this privilege.
|
Read users and roles | By default, users can see only their own user accounts and any roles they are members of. When users are granted this privilege, they can see all existing users and roles. By default, only the root user has this privilege.
|
Retrieve sensitive data | This privilege allows retrieving and viewing the following categories of sensitive data as plain text: passwords, certificate private keys, OAuth 2.0 access tokens, refresh tokens, and client secrets. By default, only the root user has this privilege.
|
Set own password | This privilege allows changing their password. Users who do not have this privilege need to have their password set by a FlowForce Server administrator. By default, the authenticated role has this privilege, which means that every user account, except for anonymous, also has this privilege.
|
Stop any job | This privilege allows stopping any running FlowForce Server job, regardless of the user who created it.
|
View unfiltered log | By default, users can see log entries related to configurations to which they have read access. Users with this privilege can read all log entries, including those not associated with a specific configuration. By default, only the root user has this privilege.
|
The tab Administration | Reports | Privileges Report provides a list of all privileges, with each privilege being listed together with all the users/roles that have that privilege.