Before users can log on to MRI for the Web, you must add them to the system and establish their access rights. A user’s access rights depend on their user type and the roles and classes to which they belong.
Note
Clients using MRI Identity Provider as their identity provider (IdP) can add and delete users through Security Console. Clients using an external IdP must create and delete users in their IdP.
Depending on your license agreement, MRI provides the following user types:
▪ Super administrator—A super administrator has access to all pages and functionality within Security Console, similar to the SYSADM user in Security Console for Windows. A super administrator can delegate rights to all other users and can configure additional super administrators. Super administrators can also access multiple client IDs.
▪ User with system administrator rights—A user who has been assigned as an administrator has an additional set of rights which are customized on the Administrator Rights tab.
▪ Inquiry user—An inquiry user has view-only access rights to all data and cannot create, modify, or delete records. To assign the inquiry user type, you must be licensed for inquiry users. An inquiry user has access to the same menu commands as a standard user.
▪ Named user—A named user can always log on to MRI regardless of the number of users already logged on. To assign the named user type, you must be licensed for named users. A system administrator who logs on with the SYSADM user name can also be a named user.
Note
If a named user is a system administrator, the system administrator will still have access to the same menu commands. If a named user is not a system administrator, the named user has access to the same commands as a standard user.
A named user can have one logon per machine per client license.
▪ Standard user—A standard user has access to fewer MRI menu commands than system administrators or users with system administrator rights. If you do not specify a user as a system administrator, inquiry user, or named user on the User Setup tab, then the user is considered a standard user.
▪ Web Services user—A Web Services user has access to MRI Web Services, which enables the user to integrate other systems with MRI. A Web Services user cannot log on to MRI or to Security Console. For SaaS clients, Web Services users are only accessible by super administrators.
A role is a group of users with common access rights to database components, functions, and entities. To establish database security, you can set up roles, and then assign users to one or more roles.
MRI enables you to add as many classes as your organization needs to restrict access to entities, CRE properties, and CRE projects.