User Setup

Employee Setup

When creating a new Acumatica user, first determine whether the user is an internal employee or an external user/vendor.

Internal Employees should be created as Employees first. This enables additional Acumatica functionality, including document approvals.
External Users or Vendors do not need an employee record, therefore proceed to the User Setup instructions in this document.

Create an Employee record
1. Navigate to the Configuration > Organization > Employees
2. Click +NEW to create a new employee record.

While many fields are optional, complete the following fields at a minimum:
1. Employee ID – Automatically generated when the record is saved.
2. First Name
3. Last Name
4. Email Address
  1. If the employee does not have a company email address, enter a placeholder.
  2. NOTE: Password reset emails will not be delivered to placeholder address.
5. Country – Defaults to US
6. Employee Class – Select an existing value or use DEFAULT.
7. Branch – Select the appropriate branch.
8. Department – Select an existing value or use DEFAULT.
9. Calendar – Select an existing value or use DEFAULT.

Save the employee record.

Create the User Account
1. Navigate to User Security > User Management > Users
2. Click +New to create a new user.

Complete the following fields
1. Login
  - Must be unique
  - Typically, an employee’s email address or name is used.
  - For vendor users, use the vendor or company name.
2. Generate Password
  - It is recommended to uncheck this option and manually enter a password that meets the password policy.
  - Provide the password to the user securely.
  - If the user will set their own password, enter a temporary password (for example, Welcome1)
3. Linked Entity
  - Select the employee record if the user was created as an employee.
  - Leave blank for non-employee users.
4. First Name – Auto-populates if linked to an employee.
5. Last Name – Auto-populates if linked to an employee.
6. Email – Auto-populates if linked to an employee.
  - This email address is used for password recovery.

Configure User status and password options
1. Set the status options according to your company’s security policies:
  1. If the password must be known internally:
    1. Uncheck ‘Allow Password Changes’
    2. Securely store the password.
  2. If the user will manage their own password:
    1. Assign a temporary password.
    2. Check ‘Force User to Change Password on Next Login’.
  3. If enabling password recovery:
    1. Check ‘Allow Password Recovery’.
    2. Ensure ‘Allow Password Changes’ is also checked.

Assign at least one role to the user by selecting the checkbox next to the role on the Roles tab. Common roles include:

NOTE: Firefly has a separate document and suggestions for procedures on role selection.

1. Acumatica Support
  - Provides full system access without access to user security setup.
  - Recommended for non-Firefly vendors.
2. Administrator
  - Reserved for users responsible for system administration and security.
  - Provides full access, including financial data.

NOTE: During testing, it is common to temporarily assign the Administrator role to all users. Ensure roles are restricted appropriately before moving to production.

1. Customizer
  - Typically limited to Firefly and designated administrators.
  - Used to manage and publish customizations.
2. Field Level Audit
  - Usually assigned to all users to allow viewing of audit history.
3. Internal Employee
  - Usually assigned to all users to allow access to help files.

Additional Notes

Custom roles specific to your organization are typically created during training or implementation planning.
Decisions regarding who can create or manage custom roles should follow internal security and governance guidelines.