Access and Access Rights Overview

Instructions

We give our clients the ability to create users through User Access Rights. The assignment of users and their access rights is controlled by an organization's Security Officer(s). Individual accounts can also add users and assign access rights to them, but these accounts do not have access to the full range of user access rights functionality available to Security Officers for institutional accounts.

Institutional accounts can add up to 250 users, including employees and non-employees. Access rights to the different functions in Portal can be limited for each of those users. In addition, we also offer an authorization feature to institutional accounts wherein multiple users must approve certain Portal requests, such as funding transactions.

User Access Rights Availability

The complete User Access Rights system, including the ability to select Security Officers and use authorizations, is available to the following account structures:

  • Registered Advisors
  • Brokers
  • Proprietary Trading Groups
  • Fund Investment Managers
  • Small Business Accounts (Corporation, Partnership, LLC or unincorporate legal structure)

ALL account structures have the ability to add users to an account and assign them access rights to Portal functions EXCEPT:

  • Introducing Broker Clients
  • Proprietary Trading Group Sub Accounts
Access Rights and Access Groups

User access rights are organized into access groups that correspond to these Portal menus:

  • User Settings Access
  • Trading Access
  • Reporting Access
  • Funding Access
  • Account Settings Access
  • Client Management Access

Each access group contains several functions, which themselves correspond to the individual functions in Portal. When assigning access rights to a user, you can assign access rights to an entire access group and all of its individual functions, or you can assign access rights to the individual functions themselves.

All account users automatically get rights to Security-related functions in Portal (Password, Secure Login System, Secure Login System Device Sharing, and Voting Subscriptions), and the functions in the Settings > User Settings access group (User Information and Change Email Address).

Individual account holders cannot grant Funding rights to new users that they add. Security Officers for institution accounts can however grant Funding rights.

Add new users and assign access rights to them on the Settings > Account Settings > User & Access Rights screen.

User Roles

A user role is a set of user access rights saved with a unique name. User roles allow Security Officers (and individual account holders) to save a set of user access rights and quickly apply them to users. This is useful if you have multiple users to add to an account. User roles work the same way as user access rights: functions are organized into access groups based on the Portal menu structure, and you expand each access group to view and assign rights to functions located in second-level menus. You can select a user role only if you have created and saved at least one.

Create user roles on the Settings > Account Settings > User & Access Rights screen.

Security Officers

The assignment of access rights to users is controlled by an organization's Security Officer. Security Officers are designated employees who can assign access rights and authorize functions.

Institutional account holders can add Security Officers to their account during the account application process, if they require additional Security Officers for authorization purposes. To add Security Officers after your account is open, you must send a paper form request to us.

Security Officer Approvals

As an added layer of security, you can require that any changes made by one Security Officer be approved by one or two other Security Officers. To change the number of Security Officer approvals required, you must complete and submit a request form.

Account-Level Access Rights

Security Officers can view account-level access rights on the Access Rights > Configure page in Portal but cannot change them without a special request to us.

Primary and Secondary Authorizers

If your organization requires additional security for Portal functions, you can appoint authorizers to approve requests. Authorizers are users who provide additional layers of security for different Portal functions such as funding requests.

For more information, see Authorizers.

User Access Rights Summary for Organizations

Organizations can follow these steps to set up a user access rights implementation that includes Security Officers and authorizations.

  1. During your account application process, designate one or more persons to be Security Officers.

    • As the account owner, you are automatically designated as a Security Officer.

    • If you forgot to do this, or you want to add more Security Officers to your account, send a request to us.

    • If you need an additional layer of security, you can require that changes submitted by one Security Officer must be approved by other Security Officers. You set the number of these Security Officer approvals during the application process.

  2. After your account has been approved, your Security Officer logs into Portal and creates and saves user roles to be able to apply reusable sets of access rights to more than one account users.

  3. Your Security Officer adds users to your account, granting them access rights to the different functions in Portal to correspond to the users and functions in your organization. At this time, the Security Officer will also apply any saved user roles to the new users.

  4. Your Security Officer sets the number of Primary and Secondary Authorizers for specific functions in Portal. On the same page in Portal, the Security Officer can view the current account-level access rights.

 

Additional Resources

Learn About Users & User Roles at IBKR Campus

Learn About Users & User Roles for Advisors at IBKR Campus

Visit the IBKR Client Portal Website

Log in to Users and Access Rights