Define privilege sets

Privilege sets grant access to the features a user can see and the tasks a user can do. They allow you to control access to data and schema. You can use a privilege set with multiple account access entries.

Every new FileMaker Pro custom app contains three predefined privilege sets:

  • Full Access: Allows complete access to the file, including all development features.

  • Data Entry Only: Allows creating, editing and deleting records, and importing and exporting data. Does not allow access to any development features.

  • Read-Only Access: Allows viewing and exporting record data. Does not allow modifications to the file except for values in global fields.

You can also create new privilege sets to meet your specific requirements. Typically, you will create a privilege set for each unique role in your organization. A privilege set is made up of these access options:

  • Data access and design privileges: Provide access to a wide range of security control, including records, layouts, value lists, and scripts.

  • Extended privileges: Determine how users access a hosted file.

  • Other privileges: Allow printing, exporting, the limited ability to manage security, and some other functions.

All clients and tools that access FileMaker Pro custom apps respect users' privilege sets. For example, if a user is assigned a privilege set that does not allow access to a field, the user cannot access the field using FileMaker Pro, FileMaker Go, FileMaker WebDirect, Custom Web Publishing, FileMaker Data API, ODBC and JDBC applications, OData client applications, external tools like AppleScript or ActiveX, or other means.