Roles and special groups

Spotfire includes a number of special groups that are present at installation and cannot be removed. They define standard roles for administering and using Spotfire.

Each special group enables a set of licenses that correspond to an administrative or user role. To assign a role to a user, simply add the user to one of the special groups. Note that some roles require not only membership in the special group, but also that a specific license be enabled for the group. Licenses are set in the Administration Manager in Spotfire Analyst.

Role Description
Administrator All users who need administrator privileges on Spotfire Server, including the ability to manage users and groups, must belong to this group. Membership in this group grants all permissions described below in addition to administration of preferences, licenses, and the user directory.
Note: This group must also have the Spotfire Administrator license enabled to fully administer the Spotfire system (to access the Administration Manager tool in Spotfire Analyst as well as all areas of Spotfire Server).
Library Administrator Membership in this group grants full permission to the library. It overrides all folder permissions set in the library, granting full control over content. It also includes the permission to import and export library content. All users and groups that need administrative privileges in the library must belong to this group or the Administrator group.
Note: This group must also have the Spotfire Library Administrator license enabled to be able to administer the library (to get access to the Library Administration tool in Spotfire Analyst).
Deployment Administrator Membership in this group grants permission to deploy packages to the server. Note that these users can deploy to any area on the server, as well as delete any existing deployment.

Members of this group can access the Deployments & Packages area of Spotfire Server.

Diagnostics Administrator Membership in this group grants permission to view server logs and diagnostics, as well as to set logging configurations.

Members of this group can access the Monitoring & Diagnostics area of the server.

Scheduling and Routing Administrator Membership in this group grants permission to create scheduled updates and routing rules.

Members of this group can access the Scheduling & Routing area of the server.

Scheduled Updates Users The account that executed scheduled updates must be a member of this group. By default, the account scheduledupdates@SPOTFIRESYSTEM is a member of this group.
Automation Services Users Membership in this group grants permission to execute Automation Services jobs on the server, using the Job Builder or the Client Job Sender.
Custom Query Author Membership in this group grants permission to save scripts written in custom query languages as trusted to the library.
Note: An authorized custom query author MUST ALSO have the Custom Query in Connections license enabled to get access to the required UI.
Script Author Membership in this group grants permission to save scripts as trusted to the library.
Note: An authorized script author MUST ALSO have the Author Scripts license enabled.
Note: Scripts that are executed by Spotfire Server can essentially do anything that deployed packages can do. Therefore you should only grant this permission to trusted users.
API User All users who require access to the Spotfire Server public Web Service API must be members of the API User group.
Everyone This group always contains all users in the Spotfire implementation. No users can be removed from this group, but you can set licenses for the group if you want to.
System Account This group cannot be edited. It contains the system accounts that are used internally in the Spotfire environment.