Core Permissions

   Journey Manager (JM) Previously known as Transact Manager (TM).  |    System Manager / DevOps  |   v18.05 This feature was updated in v18.05.

Manager provides the following permissions to control user access to restricted content. The permissions are mapped to the standard roles below, so you know what roles to assign to users to enable them to use certain product functionality.

Permission Description Role

Admin Directory

This is permission is required to access the Manager console. Users accessing the Manager console must be granted at least one role with this permission, otherwise they will not be able to use it.

System Manager

Organizarion User Manager

Transaction Data Access

Operations

System Support

Administrator

Developer

Audit View

Provides access to the system audit log and user login history.

System Manager

System Support

Administrator

Developer

Collaboration Job View

Provides read-only access to collaboration jobs, including viewing details about a collaboration job and its steps, actions and events. This permission is also found in each of the form spaces. However, it would grant different types of privileges for a form space.

System Manager

Operations

System Support

Administrator

Developer

Collaboration Job Edit

Allows users to manage collaboration jobs by pausing, triggering job processing, editing job properties and action details.

System Manager

Operations

Administrator

Developer

Collaboration Job Remove

Allows users to delete collaboration jobs. Only canceled collaboration jobs can be deleted.

System Manager

Operations

Administrator

Developer

Core Service Edit

Allows users to edit advanced service settings and some collaboration job related services. This permission is not assigned to any of the standard Manager roles, so use it with care and only when absolutely necessary. You should seek advice from the Manager support beforehand.

System Manager

Administrator

Developer

Data Retention View

Allows users to view global data retention settings.

System Manager

Operations

System Support

Administrator

Developer

Data Retention Edit

Allows users to modify and apply global data retention settings.

System Manager

Administrator

Db Version Update View

Allows users to view the database version history.

System Manager

Administrator

Delivery Details View

Allows users to view the list of delivery channels and trigger delivery actions for submissions manually.

System Manager

Operations

System Support

Administrator

Developer

Delivery Details Edit

Allows users to create, edit and delete delivery channels.

System Manager

Administrator

Developer

Delivery Details Remove

It is not currently in use, so apply the Delivery Details Edit permission instead.

System Manager

Administrator

Developer

Deployment Property View

Allows users to view the list of system deployment properties and their values.

 

Deployment Property Edit

Allows users to edit deployment property values, access and modify email settings.

 

Document Type View

Allows users to view document types and their details.

 

Document Type Edit

Allows users to create and edit document types.

 

Document Type Remove

Allows users to remove document types.

 

Email Delivery Acknowledge

It is related to delivery of type Email Secure, where administrators receive an email notifying them of new submissions, asking them to acknowledge delivery by accessing a page on Manager and confirming. This permission controls access to this page. Must be assigned to only administrators involved in processing secure email delivery.

 

Email Queue View

Allows users to access the system email queue, but does not allow them to view each email details. You need to assign the Email Queue Edit permission for that.

 

Email Queue Edit

Allows users to create, edit and access email queue details.

 

Error Log View

Provides access to the error log and error details. It also enables links to error log entries from various Manager tabs.

 

Event Log View

Provides access to the event log and event details. It also enables links to event log entries from various Manager tabs.

 

Export Application Package

Allows users to export application packages, including form bundles and services, for organizations they have access to.

 

Export Form

Allows users to export a form and all its versions.

 

Export Form Version

Allows users to export a single form version.

 

Export Groups

Allows users to export one or more groups.

 

Export Metadata

Allows users to export the set of global metadata tags.

 

Export Organization

Allows users to export an organization.

 

Export Portal

Allows users to export a form space.

 

Export Roles

Allows users to export one or more roles

 

Export Services

Allows users to export one or more service definitions.

 

Export Security Managers

Allows users to export one or more security managersSecurity managers are the Journey Manager's components that are responsible for User Authentication, User Authorization, User Self-Registration, and Session Management. Security mangers are designed to handle various sets of users requiring access to different form spaces and can be associated with one or more form spaces. Users can be external or internal, and they can require access to form spaces or a combination of form spaces and modules in different environments. You can find security managers under Security > Security Managers..

 

Form View

Allows access to the list of forms and a read-only view of most of form configuration. It also enables links to forms from various Manager tabs. If you need to view form version or form data configuration details, you need to add the Form Edit permission.

 

Form Edit

Allows users to view all details about a form as well as create and edit forms. It includes editing form versions and form data configuration.

 

Form Service Edit

Allows administrators to manage service definitions related to form development. This permission is a less powerful than the Service Edit permission.

 

Form Test

This permission exposes links to access forms on a form space for testing. It also allows users to access the PDF receipt test harness, such as a link in the Form URLs section of the form edit page.

 

Form Data Retention

Allows users to edit form specific data retention settings.

 

Form Remove

Allows users to delete forms, form versions, form promotion entries and form data extract mappings.

 

Groovy Console

Allows access to the Groovy console.

 

Groovy Log View

Allows access to the Groovy service log.

 

Group View

Allows users to view the list of groups, but it does not allow access to group detail information, so you should add the Group Edit permission for that.

 

Group Edit

Allows users to create, edit and view group details.

 

Group Remove

Allows users to remove groups.

 

Group Assign

Allows users to assign users to a group. It is also necessary to access the Forms panel on the group edit page.

 

Import Action View

Allows access to the import log. It does not include read-only access to import action details.

 

Import Action Edit

Allows users to view and edit import log details . It is also necessary to import form and form space archives exported from another Manager server, along with the import permission corresponding to the entity to be imported.

 

Import Action Remove

Allows users to delete entries from the import log. Only completed import actions can be deleted.

 

Import Application Packagev

Allows users to import application packages, such as form bundles and services, for organizations they have access to.

 

Import Composer Form

Allows users to import forms published by Composer and view the import details.

 

Import Form

Allows users to import form version archives created by exporting a form version from another Manager server. to import form version archives successfully, users also currently need the Import Action Edit permission.

 

Import Groups

Allows users to import group archives created by exporting one or more groups from another Manager server.

 

Import Metadata

Allows users to import metadata tag archives created by exporting one or more metadata tags from another Manager server. In addition, this permission is needed to upload files with values for metadata tags of types List and List Hierarchy.

 

Import Organization

Allows users to import an organization archive, which contains organization configuration but no forms, exported from another Manager server. Only administrators with access to more than one organization can see the import button.

 

Import Portal

Allows users to import a space archive, which contains form space configuration but not the backing WAR file, exported from another Manager server as well as space WAR files. To import space archives successfully, users also currently need the Import Action Edit permission.

 

Import Roles

Allows users to import role archives, which contains roles and associated permissions, exported from another Manager server.

 

Import Security Manager

Allows users to import security manager archives exported from another Manager server.

 

Import Services

Allows users to import service archives, which contains service definitions and their service connections, exported from another Manager server.

 

Import TPac

Allows users to import TPacs directly into Manager.

 

Licensing Edit

Allows users to edit system licensing information and configure how licensing report data will be published to Avoka.

 

Licensing Report View

Allows users to access the Transact Licensing and Job Licensing reports, otherwise these reports don't appear in the Reports menu.

 

Metadata Tag View

Allows users to view metadata tags and their details.

 

Metadata Tag Edit

Allows users to create and edit metadata tags.

 

Metadata Tag Removev

Allows users to delete metadata tags.

 

Metadata Value View

Allows users to view values configured for metadata tags on the organization or form version levels.

 

Metadata Value Edit

Allows users to create and edit values configured for metadata tags on the organization or form version levels.

 

Metadata Value Remove

Allows users to delete values configured for metadata tags on the organization or form version levels.

 

Notification View

Allows users to view the list of notifications configured for form spaces.

 

Notification Edit

Allows users to create and edit notifications configured for form spaces.

 

Notification Remove

Allows users to delete notifications configured for form spaces.

 

Offline Sync Log View

Allows users to view the T.Field related offline sync and client logs.

 

Operation Chart View

Allows users to view a number of Manager analytics charts.

 

Operation Export Report View

Not used.

 

Operation Form Events View

Not used.

 

Organization View

Allows users to view organization information and part of its configuration. It also enables links to organizations.

 

Organization Edit

Allows users to create and edit organizations and associated configuration, such as categories and application packages.

 

Organization Remove

Allows users to remove organizations. Because deleting organizations will also delete all associated forms and submissions, this is a permission that should be assigned sparingly.

 

Organization Copy

Allows users to create a copy of an existing organization.

 

Organization Portal Assign

Allows users to assign spaces to an organization for form hosting purposes.

 

Organization Payment Edit

Allows users to view and modify an organization's payment gateway.

 

Organization Property View

Allows users to view the set of organization property values.

 

Organization Property Edit

Allows users to edit and delete organization property values.

 

Organization Property Remove

Not used.

The edit permission confers deletion privileges.

 

Organization Storage Edit

Allows users to edit organization data storage and retention settings.

 

Payment Log View

Allows users to view payment transactions.

 

Portal View

Allows users to view details of form spaces and modules.

 

Portal Edit

Allows users to edit form spaces, modules and all associated configurations.

 

Portal Content Edit

Allows users to edit form space content, such as pages and resources.

 

Portal Style Edit

Allows users to edit some form space content related to styling, such as the index page, childportal.css and all resources of JPG type.

 

Portal Remove

Allows users to remove form spaces and modules.

 

Promotion View

Allows users to view the form version promotions and a tab on the form edit page.

 

Promotion 1 Development

Allows users to promote form versions to be in the Development status.

 

Promotion 2 Ready For Test

Allows users to promote form versions to be in the Ready For Test status.

 

Promotion 3 Test Failed

Allows users to promote form versions to be in the Test Failed status.

 

Promotion 4 Test Passed

Allows users to promote form versions to be in the Test Passed status.

 

Promotion 5 Ready For Production

Allows users to promote form versions to be in the Ready For Production status.

 

Promotion 6 Not Ready For Production

Allows users to promote form versions to be in the Not Ready For Production status.

 

Promotion 7 Production

Allows users to promote form versions to be in the Production status.

 

Property Type View

Allows users to view property types.

 

Property Type Edit

Allows users to create and edit property types

 

Property Type Remove

Allows users to remove property types.

 

Report View

Allows users to view reports, but it does not give read-only access to report configuration details, so you should add the Report Edit permission for that.

 

Report Edit

Allows users to create and edit reports.

 

Report Remove

Allows users to remove reports.

 

Report Render

Allows users to render reports on screen and access the organization report schedules.

 

Report Schedule View

Allows users to view report schedules on the organization level.

 

Report Schedule Edit

Allows users to create and edit report schedules on the organization level.

 

Report Schedule Remove

Allows users to remove report schedules on the organization level.

 

Report Schedule Trigger

Allows users to trigger report schedules on the organization level that send an email for the most recent reporting period.

 

Rest Delivery Service API

Allows users to invoke the REST Delivery API provided in Manager.

 

Rest Service Definitions API

Allows users to invoke the REST Service Definitions API provided in Manager.

 

REST Application Package API

Allows users to access the Application Package REST service endpoint for listing application packages, and importing and exporting application packages in Manager.

 

REST Form Groups API

Allows users to access the Form Groups REST service endpoint for querying and creating Form Groups in Manager.

 

REST Groovy Service Invoke

Allows users to access the Groovy Service REST service endpoint to invoke a Groovy service. This service endpoint can be used to perform operations such as uploading reference data for use in dynamic data or form prefill services. Enable the service parameter REST Invoke Enabled service parameter.

 

REST Tasks API

Allows users to access the Tasks API REST service endpoint for creating and updating tasks in Manager in a secure and efficient manner.

 

REST Test Center API

Allows users to access the TestCenter API REST service endpoint for performing test operations in Manager.

 

REST Transaction History API

Allows users to access the Transaction History API REST service endpoint for querying the OLAP Transaction History table in a secure and efficient manner.

 

Rest TPac API

Allows users to access the TPac API REST service endpoint for deploying TPacs, and downloading or deleting TPac archive files in Manager.

 

Rest Transactions API

Allows users to invoke the REST Transactions API provided in Manager.

 

Role View

Allows users to view roles, but it does not give read-only access to role configuration details, so you should add the Role Edit permission for that.

 

Role Edit

Allows users to create, edit and view role details.

 

Role Remove

Allows users to remove roles.

 

Role Assign

Allows users to assign user accounts to a role. The set of roles that a user can assign is further restricted based on whether the user is a global administrator.

 

Security Manager View

Allows users to view the set of security managersSecurity managers are the Journey Manager's components that are responsible for User Authentication, User Authorization, User Self-Registration, and Session Management. Security mangers are designed to handle various sets of users requiring access to different form spaces and can be associated with one or more form spaces. Users can be external or internal, and they can require access to form spaces or a combination of form spaces and modules in different environments. You can find security managers under Security > Security Managers..

 

Security Manager Edit

Allows users to create, edit and view all details of security managers, including managing authentication providers. The Service Edit permission currently controls access to some content, such as creating security managers and authentication providers and parameters.

 

Security Manager Remove

Allows users to remove security managers.

 

Service View

Allows users to view the full set of service definitions, service connections, collaboration job definitions, server nodes, and scheduled jobs. It doesn't give read-only access to the configuration details, so you should add the Service Edit permission for that.

 

Service Edit

Allows users to create, edit and view configuration details of service definitions, service connections, collaboration job definitions, server nodes, scheduled jobs, and system data retention settings. For a form developer to modify their own form related services, without giving them access to all service types, you should use the Form Service Edit permission instead.

 

Service Remove

Allows users to remove service definitions, service connections, collaboration job definitions, server nodes, and scheduled jobs.

 

Submission View

Allows users to view form transactions, transactions history, transaction delivery, saved transactions, abandoned transactions. It also enables links to submissions on other pages. Access to the actual content submitted by users is not granted by this permission, so you should add the Submission Data View and Submission XML Data View permissions.

 

Submission Edit

Allows users to modify submission statuses and retry delivery.

 

Submission Data View

Allows users to view non-XML submission content, such as receipt and attachment content, but not the submitted XML, submitted by the user. It also provides access to the set of submission data extract values, including the form submission data. Allows access to user entered data, so you must handle it carefully.

 

Submission XML Data View

Allows users to view XML submission content, that is, the data entered into the form by the user. Allows access to user entered data, so you must handle it carefully.

 

Submission XML Data Edit

Allows users to edit XML submission content and delete submission data extract values.

 

Submission Save Edit

Allows administrators to open and fill in saved transactions.

 

System Health View

Allows users to view system health.

 

System Info View

Allows users to access some pages that provide information on system info, server performance, and LiveCycle performance.

 

System Report Schedule View

Allows users to view report schedules for global reports.

 

System Report Schedule Edit

Allows users to create and edit report schedules for global reports.

 

System Report Schedule Remove

Allows users to remove report schedules for global reports, but you should also add the Report Schedule Edit permission for this to work.

 

System Report Schedule Trigger

Allows users to trigger report schedules for global reports that sends an email for the most recent reporting period.

 

Task View

Allows users to view the list of task submissions.

 

Task Edit

Allows users to create task submissions and edit task related.

 

TPac Remove

Allows users to remove imported TPacs.

 

TPac View

Allows users to view the imported TPacs.

 

User View

Allows administrators to view user accounts, but it does not include a read-only view of user details, so you should add the User Edit permission for that.

 

User Edit

Allows administrators to create, edit and view User Edit user properties.

 

User Remove

Allows administrators to remove user accounts.

 

User Bulk Import

Allows administrators to bulk import user accounts defined in an Excel spreadsheet.

 

User Profile Edit

Allows administrators to create and edit user profiles, as well as mark a profile as the default one for a user.

 

User Profile Remove

Allows administrators to remove user profiles.

 

User Property View

Allows administrators to view user properties.

 

User Property Edit

Allows administrators to create, edit and view user properties.

 

User Property Remove

Allows administrators to remove user properties.

 

Web Service Invoke

Allows users to invoke Manager's web services.

 

Next, learn how to view roles.