Designing a Privilege Set Hierarchy

Intermediate

Plan a coherent role structure: how many privilege sets you need, what each should cover, and how to avoid permission sprawl.

What you'll learn

  • Role-based thinking for privilege set design
  • How to identify the right number of privilege sets
  • Naming conventions that make privilege sets maintainable
  • Using Re-Login for temporary privilege escalation

Most FileMaker solutions end up with too many privilege sets -- one for each individual variation of what someone might need. A disciplined hierarchy starts from roles, not individuals. Think: what categories of work exist in this solution? Each category is a privilege set candidate.

1/4
1

Start from roles, not individuals

Ask: what distinct categories of user exist? In a CRM you might have: Sales Rep (enter and edit own leads), Sales Manager (view all reps' leads, approve deals), Finance (view closed deals, edit revenue data), Admin (full solution management). That is four privilege sets, not one per employee.

The Guest Account: Risks and UsesSecurity at the Field Definition Level

Sign in to track your progress and pick up where you left off.

Sign in to FM Dojo