System Authorities List
The following table lists the system authorities and the actions they allow the user to perform.
|
Note: The authorities required to invoke a REST API method directly are described in the REST API reference documentation.
|
| Authority | Capabilities | Explanation | Related Requirements |
|---|---|---|---|
| APP_ALL | Grants the user implicit membership of all apps in the system. | If the user performs any actions that result in the user owning an object in the app, then the user is automatically granted explicit membership of the app. | |
| APP_ATTACHMENT_EDIT | User can upload, edit, and delete attachments on an app. | ||
| APP_ATTACHMENT_VIEW | User can download the attachments on an app. | App members without this authority can view information about app attachments, but they cannot download them. | |
| APP_DELETE | Allows the user to delete an app and all of its contents. | All of the contents of the app must be accessible to the user and editable by the user. | The user must be a member of the app or have APP_ALL authority. |
| APP_EDIT | Allows the user to edit the name of the app. | The user must be a member of the app or have APP_ALL authority. | |
| APP_NEW | Allows the user to create or import a new app. The creator is granted app membership. | ||
| DEVELOPER | Allows the user to update an app. Enables additional debugging options. | ||
| DIRECT_DATA_VIEW | Grants access to the Entity Explorer view. | The Entity Explorer view allows interaction with the underlying scenario data. | |
| FOLDER_DELETE | User can delete a folder and its contents, including any subfolders and scenarios. The action is refused if the folder or any of its contents are not editable or accessible by the user. | The user must be a member of the app containing the folder or have APP_ALL authority. | |
| FOLDER_EDIT | User can edit the name, owner, and share status of the folder. | User can edit the owner and share status of the contents of the folder, provided all the contents of the folder are accessible to the user and editable by the user. | The user must be a member of the app containing the folder or have APP_ALL authority. |
| FOLDER_NEW | User can create a new folder in the app root. | Allows the user to create a new folder as a subfolder of an existing parent folder, providing the user has access to the parent folder. Allows the user to move a folder to the app root, provided the user has access to the folder. Allows the user to move a folder to a destination folder, provided the user has access to the destination folder. | The user must be a member of the app containing the folder or have APP_ALL authority. |
| FOLDER_OWNER | User can change the owner of a folder. | ||
| FOLDER_SHARE | User can change the share status of a folder. | ||
| SCENARIO_ALL | Grants the user access to all scenarios and folders in an app, including any that are owned by other users and not shared. | The user must be a member of the app to gain access to the scenarios and folders or have APP_ALL authority. | |
| SCENARIO_DELETE | User can delete a scenario. | The scenario must be accessible and editable by the user. | The user must be a member of the app containing the scenario, or have APP_ALL authority. |
| SCENARIO_EDI T | User can rename the scenario and edit the scenario notes. | User can edit the scenario input data. User can set the ownership and share status of the scenario. The scenario must be accessible and editable by the user. | |
| SCENARIO_ATTACHMENT _EDIT | User can upload, edit, and delete attachments on a scenario. | ||
| SCENARIO_EXEC | User can queue a scenario for execution, if the scenario is accessible and editable. | User can pause, resume, cancel existing jobs for the scenario. To pause, resume, cancel existing jobs, the scenario must be accessible. | The user must be a member of the app containing the scenario or have APP_ALL authority. |
| SCENARIO_NEW | User can create a new scenario, or create a copy of an existing accessible scenario. | Allows the user to move a scenario to the app root or an accessible destination folder. | The user must be a member of the app containing the scenario or have APP_ALL authority. |
| SCENARIO_OWNER | User can change the owner of a scenario. | ||
| SYS_USER | Grants access to the user management functionality of the admin interface. | Allows the user to add a new user, edit existing users, edit the assignment of authority groups to a user, edit the assignment of authorities to an authority group, and grant and revoke membership of a user to an app. | |
| SYS_IMPORTEX PORT | User can import a previously exported repository. | ||
| SYS_SERVER | User can configure LDAP, view logs, and access the Tableau tab with its corresponding functionality. | ||
| SYS_SERVICES | User can add new optimization services. | Allows the user to delete existing optimization services. Allows the user to edit the connection string and capacity of existing optimization services. Enables the administrator-only actions on the Admin menu: Optimization Services . |
© 2001-2024 Fair Isaac Corporation. All rights reserved. This documentation is the property of Fair Isaac Corporation (“FICO”). Receipt or possession of this documentation does not convey rights to disclose, reproduce, make derivative works, use, or allow others to use it except solely for internal evaluation purposes to determine whether to purchase a license to the software described in this documentation, or as otherwise set forth in a written software license agreement between you and FICO (or a FICO affiliate). Use of this documentation and the software described in it must conform strictly to the foregoing permitted uses, and no other use is permitted.