•To duplicate the access to this file, click 
.
Accounts specify user names and (usually) passwords, which identify users. For some types of accounts (see below), groups of users can be defined. When a user opens a file, a dialog box usually prompts the user to enter account information. When a user opens a file with correct account information, the privilege set assigned to the account access entry in the file for that user's account, or for the group that user is in, determines what the user can do in that file. See About accounts, privilege sets, and extended privileges.
To fully manage account access for a file, you must open the file as a user whose account access entry is assigned the Full Access privilege set. If you open the file without full access privileges, the File menu > Manage > Security command lets you change fewer options or the command is disabled. See Editing other privileges.
You can create and modify account access in a shared file while clients are using it. The account access changes you make take effect immediately but do not disrupt any current clients. For example, if you make an account access entry inactive while clients are using it, their usage of the file is not interrupted. However, after the clients close the file, they won't be able to open it again.
You can grant account access to as many users or groups as you need. Each file also contains two predefined accounts: Admin and Guest. See About the Admin and Guest accounts.
FileMaker clients support several types of accounts, which differ by how they authenticate users. Only the FileMaker file account defines the account name and password within the FileMaker Pro Advanced file. For all other types, the user account or group information is defined by an external identity provider or authentication server. For these, the FileMaker Pro Advanced file defines only how those user accounts or groups are allowed to access the file.
The following table summarizes which FileMaker hosts support each account type, where the account information is defined, and whether individual user accounts or groups are supported. Note that only the FileMaker file account type can be used to open a local file.
Account type | Local file | Hosted by FileMaker Server | Hosted by FileMaker Cloud for AWS | Hosted by FileMaker Cloud | Where account information is defined | Supports users or groups |
FileMaker file | Yes | Yes | Yes | No | Within the FileMaker Pro Advanced file | Users |
FileMaker ID | No | No | No | Yes | By the FileMaker ID identity provider system | Users, groups |
External server | No | Yes | No | No | By an external authentication server such as Apple Open Directory or a Windows domain | Groups |
No | Yes | Yes | No | By an OAuth identity provider, such as Amazon, Google, or Microsoft | Users, groups1 |
1. Microsoft Azure AD is the only supported OAuth identity provider that supports groups.
1. Choose File menu > Manage > Security.
2. For Authenticate via, choose the type of account to work with.
The account access list displays only the access granted for the selected type of account. See "Account types" above.
3. To grant account access, click New. To change an existing account access entry, select the user or group.
4. For the account type you chose in step 2, edit the account access details. See:
•Editing FileMaker file accounts
•Editing FileMaker ID account access
•Editing external server account access
1. Choose File menu > Manage > Security.
2. For Authenticate via, choose the type of account to work with.
3. Select a user or group, then:
•To duplicate the access to this file, click .
•To delete the access to this file, click 
.
•Account access entries that aren't assigned the Full Access privilege set can be granted limited privileges to manage accounts. See Editing other privileges.
•For FileMaker file and external server accounts:
•Use only ASCII characters in passwords, such as a-z, A-Z, 0-9, and punctuation characters like "!" and "%." Passwords containing certain accented characters or non-roman characters such as Cyrillic or Japanese may not work, particularly in cross-platform database solutions and files accessed via FileMaker WebDirect.
•If the file is shared via web publishing, also limit account names to ASCII characters. Do not use colons in account names and passwords of web-published files.
•Automatically signing in to a file is supported by local files and files hosted on a FileMaker Server host that isn't configured to require password-protected files. To automatically sign in each time a file is opened, choose File menu > File Options and specify the account name and password. See Setting file options.
•The user name defined in the Preferences dialog box is automatically entered in the Open dialog box. When the user name and account names match, the user doesn't need to type the account name when opening the file. See Setting general preferences.