Skip to content

Grant Permission Sets to Users

A user without a permission set can not log in to the IFS Cloud application. Users will need the following IFS Managed Base permission sets based on the client.

  • FND_WEBENDUSER_MAIN - The basic end user role for IFS Cloud Main users.

  • FND_WEBENDUSER_B2B - The basic end user role for IFS Cloud Business to Business (B2B) users.

  • MOBILE_APP_RUNTIME - The basic functional role to run the IFS Cloud Mobile app.

The End user type Permission sets can only be granted (assigned) to the end users directly. The functional type permission sets in the grant structure will be assigned as indirect user grants through an end user permission set structure.

You can grant a permission set to a single user from the Users page and to multiple users from the Permission Sets page.

Note: By granting a permission set, all the Permission Sets in the grant structure will be automatically granted to the user and will be listed in the All Grants tab as Indirect grants.

When Revoking a permission set, all the indirect Permission Sets granted from the Permission Set will be revoked as well.

User Grants can be exported and imported along with the Permission Set or as a separate list.

Grant Permission Sets to a single user

Grant or revoke Permission Sets to a single user from the User page.

  1. Navigate to the User page.
  2. Go to the submenu User permissions.
  3. Selecting Grant Permission Sets will toggle an assistant which allows the administrator to choose the Permission Sets to grant to the User.
  4. Selecting Revoke All Permission Sets will revoke all the granted Permission Sets from the user.
  5. To revoke Permission Set grants individually, choose the desired indiviual record(s) from the Direct Grants list and select Revoke.

Grant Permission Sets to Users Page

Grant a Permission Set to multiple users

Grant or revoke a Permission Set to one or more users from the Permission Set page.

  1. Navigate to Permission Set and search your the desired Permission Set.

  2. Go to the sub menu Users Granted

  3. Selecting Add Users will toggle an assistant which allows the administrator to choose which users to grant the Permission Set.
  4. Choose the desired individual user(s) from the Users Granted list and select Revoke to remove grants from the Permission Set.

Grant Permission Sets to Users Page

Grant multiple Permission Sets to multiple user (via User Groups)

By granting Permission Sets to a User Group, all members in the group will get access to the granted Permission Sets. Any new user(s) who will be added to the group will also be granted full access to the Permission Sets assigned to the group.

  1. Navigate to User Group and select the wanted desired group.
  2. Go to the Sub Menu Permissions.
  3. Selecting Grant Permissions will toggle an assistant which allows the administrator to choose Permission Sets to grant to the User Group.
  4. Selecting Revoke All Permissions will revoke all the granted Permission Sets from the User Group.
  5. Choose the desired Permission Set(s) from the Permissions list and select Revoke Permission to remove permission set grants from all the user in the User Group.

Note: Permission Sets that have already been directly granted to a user will not be removed from the individual User Grants even if they are revoked using the Revoke Permission or Revoke All Permissions options in a User Group.

Grant Permission Sets to Users Page

Transfer User Grants to a different environment

Often the permission sets are prepared in a test environment and moved to the production environment. To make that process easy, IFS Cloud provides the Export/Import functionality for Users Grants.

To export, navigate to the Export All User Grants page and export the user grants to an XML file.

To import, navigate to the Import User Grants page and upload the exported User Grants XML file.

When importing there are two scenarios to consider:

Scenario 1 - If user does not exist in the destination environment you can choose one of the following options:

  • Ignore and Continue - The not existing user will be ignored and will be continued to the next record to import.
  • Stop - The import will stop from the not existing user onwards.

Scenario 2 - If permission set does not exist in the destination environment you can choose one of the following options:

  • Ignore and Continue - The not existing Permission Set will be ignored and will be continued to the next record to import.
  • Stop - The import will stop from the not existing Permission Set onwards.
  • Create Empty Permission Set - An empty Permission Set of the same name as in the XML will be created and users will be granted.

Grant Permission Sets to Users Page