Relationship-Based Security

Beginner

Use FileMaker relationships and privilege sets to enforce row-level data security, limiting which records each user can see and edit based on their account and group membership.

What you'll learn

  • How to use Get(AccountName) in relationship predicates for user-scoped data
  • How to implement team/group-based row-level security
  • How privilege set record-access formulas work
  • Combining relationship filtering with privilege set restrictions

FileMaker's privilege sets control access to tables, layouts, and fields at a broad level. Row-level security -- different users seeing different subsets of the same table -- requires combining privilege sets with relationship-based filtering or Global Field calculations that evaluate the current user's account. This section covers the standard patterns for user-scoped data access.

1/4
1

User-scoped relationship using Get(AccountName)

A global field set to Get(AccountName) at login can be used as a match key. The relationship returns only records assigned to the current user. This filters portals and found sets to the user's own records.

FileMaker Script
// At login: Set Field [ Globals::gCurrentUser ; Get ( AccountName ) ]

// Relationship for user-scoped task portal:
// Globals::gCurrentUser = Tasks_Mine::AssignedTo
// (AssignedTo is stored as the FM account name)

// Portal of Tasks_Mine on dashboard shows only the current user's tasks
// A user cannot see other users' tasks even if they navigate directly to the Tasks layout
// (privilege set record access formula enforces this at the table level)
Portals Within Portals -- Nested Related DataOptimizing Portal Performance

Sign in to track your progress and pick up where you left off.

Sign in to FM Dojo