Initializing help system before first use

Managing Users and Permissions

Xpress Insight authenticates users against local account records or by delegating to a single sign-on (SSO) identity provider (IdP).

Local account authentication is only available for deployments in development mode. Authentication with SSO is required for deployments in production mode.

The permissions granted to authenticated users are defined using authorities. Predefined authorities control the built-in operation of the system. An app can define custom authorities that control abilities in the app.

Authorities are not directly assigned to users. An authority group is created to represent a role or user persona. Authorities are added to the group, representing the authorizations of that role. The authority group is then added to each user who should have that set of authorizations.

Covered Topics
  • Authentication using Local Accounts
    For a development mode deployment, you can use authentication using local accounts.
  • Authentication Using an Identity Provider (IdP)
    Xpress Insight allows authentication to be managed by an Identity Provider to enable Single Sign On (SSO).
  • Managing Authority Groups
    An authority group is a number of authorities that are grouped under a single name and applied to users. Managing your user authority groups is an important part of the Xpress Insight user authentication and authorization security system.
Parent Topic Insight 5 Administrator Guide

© 2001-2026 Fair Isaac Corporation. All rights reserved. This documentation is the property of Fair Isaac Corporation (“FICO”). Receipt or possession of this documentation does not convey rights to disclose, reproduce, make derivative works, use, or allow others to use it except solely for internal evaluation purposes to determine whether to purchase a license to the software described in this documentation, or as otherwise set forth in a written software license agreement between you and FICO (or a FICO affiliate). Use of this documentation and the software described in it must conform strictly to the foregoing permitted uses, and no other use is permitted.