System groups

Spotfire comes with a set of system groups that correspond to common user roles, such as Library Administrator and Script Author. System groups are created at installation and cannot be removed.

Users who require the permissions that are granted by one or more of these groups must either be added to the appropriate group, or to a subgroup of that group.

Group name	Description	Notes
Administrator	Membership grants administrator privileges on Spotfire Server, including the ability to manage users and groups. Members are given all permissions described below, in addition to administration of preferences in the Administration Manager tool in Spotfire Analyst.	The Spotfire Administration license is automatically assigned to this group and cannot be removed.
Anonymous User	This group is used for anonymous authentication. It contains the guest@ANONYMOUS user.
API User (obsolete)		Only appears on upgraded systems.
Automation Services Users	Membership grants permission to schedule Automation Services jobs in the Spotfire Server administration interface, and to execute Automation Services jobs on the server by using the administration interface, the Job Builder, or the Client Job Sender. To use the Job Builder, users must also have the "Tibco Spotfire Extensions" license or the "Automation Services Job Builder Tool" feature, which is part of the TIBCO Spotfire Extensions license.	By default, the user account Automation Services System Account is a member of this group. Warning: Do not remove this account unless you are sure of what you are doing. Note: It is also possible to configure Automation Services to use a Kerberos account or a custom Spotfire account.
Custom Query Author	Membership grants permission to create and sign custom queries for data access using data connections. Important: An authorized custom query author MUST ALSO have the Custom Query in Connections feature, which is part of the TIBCO Spotfire Analyst license.
Deployment Administrator	Membership grants permission to deploy packages to the server by using the Deployments & Packages area. Members can deploy to any area on the server, as well as delete any existing deployment.
Diagnostics Administrator	Membership grants permission to view logs and diagnostics, set logging configurations, download troubleshooting bundles, and so on. Members of this group can access the Monitoring & Diagnostics area of the server.
Everyone	This group always contains all users in the Spotfire implementation except for the Anonymous users (guests).	No users can be removed from this group, but you can set licenses for the group if you want to.
Impersonator (obsolete)		Only appears on upgraded systems.
Library Administrator	Membership grants full permission to the library, including the ability to create new top level folders. It overrides all folder permissions set in the library, granting full control over content. Important: Library administrators must also have the "Library Administrator" license.	Users and groups that require administrative privileges in the library must belong to this group or the Administrator group.
Scheduled Updates Users	The user account that executes scheduled updates must be a member of this group.	By default, the user account scheduledupdates@SPOTFIRESYSTEM is a member of this group. Note: It is also possible to configure scheduled updates to use a Kerberos account or a custom Spotfire account.
Scheduling and Routing Administrator	Membership grants permission to create scheduled updates and routing rules. Members of this group can access the Scheduling & Routing area of the server.	For Spotfire implementations that are upgrading to version 7.5, the old "WebPlayer Administrator" group has been added as a subgroup to the Scheduling and Routing Administrator group to facilitate migration. However, in all new implementations, only the Scheduling and Routing Administrator role is required for creating scheduled updates and routing rules.
Script Author	Membership grants permission to save scripts and data functions as trusted in the Spotfire library. Important: Script authors also need the "Access to extensions" feature or the "Author scripts" feature, which are part of the Spotfire Extensions license.	Scripts and data functions that are executed by the Web Player or Spotfire Analyst can essentially do anything that deployed packages can do. Therefore, only trusted users should be granted this permission.
System Account	This group contains the system accounts that are used internally in the Spotfire environment.	This group cannot be edited.
Web Player Administrator	Legacy group included for Spotfire implementations that are upgrading to version 7.5. See the "Scheduling and Routing Administrator" notes, above.

Related concepts

A group hierarchy template

How licenses work

Related tasks

Creating groups

Setting licenses

Adding members to a group

Assigning a primary group to a subgroup

Assigning a deployment area to a group

Renaming a group

Removing members from a group

Deleting groups from the system

Related reference

License feature reference

Contents

Index

Search Results

System groups