Home > Designing and creating databases > Protecting databases > About protecting databases > About accounts, privilege sets, and extended privileges

About accounts, privilege sets, and extended privileges

You use accounts, privilege sets and extended privileges to protect FileMaker Pro database files.

Accounts

Accounts authenticate users who are attempting to open a protected file. Each account specifies an account name and (usually) a password. Any user that cannot specify valid account information won’t be able to open a protected file. Each file initially contains two accounts: Admin and Guest.

You may want to create an account for every individual who accesses a file, or you may want to create a small number of accounts that are shared among many individuals, such as a “Marketing” account and a “Sales” account:

•	Create accounts for individuals when it is necessary to guarantee the identities of particular users and you want to manage access at an individual level.

•	Create shared accounts when you want fewer accounts to maintain and you are less concerned about managing individual access to the database file.

If you host files on FileMaker Server, you can create External Server accounts that obtain authentication information from an authentication server such as an Apple OpenDirectory or Windows Domain. This allows you to use a centrally managed user directory that may already be in use to manage access to other network resources such as file servers. See Creating accounts that authenticate via an external server.

See Creating and managing accounts and About the Admin and Guest accounts.

Privilege sets

A privilege set specifies a level of access to a database file. When you create a privilege set, there are many options available that you can use to limit database access, such as which layouts are viewable, which menus are available, and whether printing is permitted. Privilege sets can also restrict access to particular tables, records, or fields within a file. Each account is assigned a privilege set, which determines the level of access when someone opens a file using that account.

You can create as many privilege sets as you need to define the types of access you want to permit to a file. Each database file contains three predefined privilege sets for common types of access levels.

See Using the predefined privilege sets and Creating and managing privilege sets.

Extended privileges

Extended privileges determine the data sharing options that are permitted by a privilege set, such as whether a privilege set permits users to open a shared file or view a database in a web browser.

The following table lists the default extended privileges that are available. (FileMaker as well as third-party developers may define additional extended privileges to manage access to other software products designed to work with FileMaker Pro or FileMaker Server.)

 

Keyword	Extended privilege	Determines if a privilege permits
fmwebdirect	Access via FileMaker WebDirect	Accessing a database file from a web browser via FileMaker WebDirect.
fmxdbc	Access via ODBC/JDBC	Accessing a database file as an ODBC or JDBC data source.
fmapp	Access via FileMaker Network, server-side scripting, or FileMaker Go	Opening a shared file (either a file shared by FileMaker Pro or hosted and shared by FileMaker Server).
fmreauthenticate10	Require re-authentication after the specified minutes in sleep/background - Go only	Accessing a file in FileMaker Go without having to re-login after file hibernation or after using a different app. The default time is 10 minutes; maximum time is 10080 minutes (one week) - FileMaker Go only.
fmxml	Access via XML Web Publishing - FMS only	Accessing a database file from a web browser or other application via XML web publishing -FileMaker Server only.
fmphp	Access via PHP Web Publishing - FMS only	Accessing a database file from a web browser or other application via PHP web publishing - FileMaker Server only.

When a user attempts to open or access a protected file using one of the above methods, the user will be prompted to provide account information. If the privilege set for the account does not permit the type of extended privilege access the user is requesting, the user will get an error indicating that they cannot access the file in that way.

All extended privileges except fmreauthenticate10 are disabled by default, even in the Full Access privilege set.

Enabling extended privileges only makes it allowable for certain privilege sets to access shared data. To actually access the shared data, you must also set up sharing for the type of access that you want. See Sharing databases on a network, Using ODBC and JDBC with FileMaker Pro, or Publishing databases on the web.

For more information on extended privileges, see Managing extended privileges.

Notes

•	FileMaker Pro no longer supports the fmiwp extended privilege. However, opening database files created in FileMaker Pro 12 or earlier that use the fmiwp extended privilege does not remove the extended privilege from the privilege sets it is assigned to.

•

Shared accounts are a security risk. For better security, use individual accounts instead of shared accounts. If you intend to use shared accounts anyway, make sure you limit the access capabilities of the privilege sets that shared accounts use. Change the password occasionally, particularly when certain users no longer require access.