Skip to content

x Want to ask a question or reply? Click here to join the group.
Asia T.

How to Set Up Users in Sage X3

6 minute read time.

How to Set Up Users in Sage X3: A Practical, Step-by-Step Guide

If you’re implementing Sage X3 (or cleaning up an existing system), getting user setup right is one of the most important things you can do. Good user configuration helps with:

 

  • Security and compliance
  • Data integrity
  • Performance and usability
  • Clear segregation of duties

 

In this guide, we’ll walk through the end-to-end process of setting up users in Sage X3, from planning to configuration and testing. The exact menu paths can vary slightly by version/patch level, but the concepts are consistent.

 

  1. Before You Start: Plan Your User Structure

 

Don’t jump straight into creating user records. A bit of planning will save you a lot of pain later.

 

1.1 Clarify roles and responsibilities

 

List out the roles in your organisation, for example:

 

  • Sales Order Entry
  • Purchasing
  • Warehouse / Logistics
  • Finance (AP / AR / GL)
  • Management / Reporting
  • Admin / IT

 

For each role, note:

 

  • What they need to do (e.g. create sales orders, validate shipments, post invoices)
  • Which modules/menus they need access to
  • What they must not be able to do (e.g. change product costs, view payroll info, modify parameters)

 

These will eventually map to profiles, groups, and setups in X3.

 

1.2 Design your security approach

 

Sage X3 security typically uses:

 

  • User: the individual login
  • Group: a collection of users, often by department or function
  • Profile / Menu profile: controls menus and functions the user can see
  • Endpoint / Folder: the specific X3 folder or environment they access

 

Plan:

 

  • Which groups you’ll need (e.g. SALES, PURCH, WHSE, FIN, ADMIN)
  • Which menu profiles will match your roles
  • Which folders users should connect to (e.g. X3, PROD, TEST)

 

  1. Create or Review User Groups

 

User groups make later maintenance much easier—change permissions once at group level rather than per user.

 

Typical navigation: Administration → Users → Groups (may vary by version)

 

For each group:

 

  • Create a new group code – e.g. SALES, WHSE, FIN.
  • Enter a clear description – “Sales Order Processing”, “Warehouse Operations”.
  • Link any default settings that should apply to all users in the group (where applicable in your version):

  - Default site or company

  - Default language

  - Default menu profile

  • Save the group.

 

You’ll assign users to these groups later.

 

  1. Set Up Menu Profiles (If Not Already Done)

 

Menu profiles define what a user can see and click in the interface. They’re crucial for security and usability.

 

Typical navigation: Setup → Users → Menu profile / Function profile

 

For each role:

 

  • Create a profile code – e.g. SALESMENU, WHSEMENU, FINMENU.
  • Add only the menus and functions that the role needs:

  - For a Sales profile: Sales orders, quotes, deliveries, invoices, basic reports

  - For Warehouse: Receipts, deliveries, stock inquiries, stock counts

  - For Finance: Journal entries, AP/AR, GL inquiries, trial balance

  • Hide menus that users shouldn’t access, even if they’re just “curious”.
  • Save your menu profiles.

 

Tip: Start from a minimal menu and add items as needed, rather than starting from a full admin profile and removing things.

 

  1. Create Users in Sage X3

 

Now we’re ready to create actual user accounts.

 

Typical navigation: Setup → Users → Users

 

4.1 General tab – basic identity

 

For each new user, fill in:

 

  • User code – a unique login ID (e.g. JSMITH, AMARTIN)
  • Name / Description – user’s full name
  • Status – Active / Inactive
  • Language – e.g. ENG
  • User type – e.g. Normal, Supervisor, or Technical (depends on version and licensing)

 

If you’re integrating with an external directory (e.g. LDAP / Active Directory), align the user code conventions with IT policy.

 

4.2 Authentication & password

 

Depending on your configuration:

 

  • If Native X3 authentication:

  - Set an initial password (user will be prompted to change it, depending on settings).

  - Ensure password policy is configured in Parameters (complexity, expiry, retries).

  • If LDAP / SSO:

  - Link the user to the appropriate directory identity (e.g. domain\username).

  - Confirm IT has the right group mappings in place.

 

Never share admin passwords or reuse the same password across multiple users.

 

  1. Assign Groups, Profiles, and Default Settings

 

Once the user exists, you connect them to your security structure.

 

5.1 Assign user group(s)

 

On the user record (usually a Groups or Authorizations tab):

 

  • Add the relevant group(s) (e.g. SALES, WHSE).
  • If the user spans roles (e.g. Sales and Finance), be careful: they may inherit more access than intended. Always re-check effective rights.

 

5.2 Assign menu / function profiles

 

On the user record:

 

  • Under Menu profile or Function profile, assign:

  - The appropriate menu profile (e.g. SALESMENU).

  - Any function or transaction profiles if used in your setup.

 

Make sure the assigned profile matches the day-to-day tasks the user will perform.

 

5.3 Set default site, company, and endpoint

 

On the user record (often under Management or similar tab):

 

  • Default endpoint / folder – e.g. PROD (production folder).
  • Default company / legislation – the main legal entity they work with.
  • Default site – e.g. main warehouse or branch they belong to.

 

Correct defaults will:

 

  • Speed up data entry (fewer fields to fill every time).
  • Reduce the chance of users accidentally posting to the wrong company or site.

 

  1. Configure User-Level Restrictions (If Needed)

 

Beyond menu profiles, you can tighten security at user or group level.

 

Common areas:

 

6.1 Access codes / authorizations

 

Use access codes to restrict:

 

  • Sensitive fields (e.g. cost price, margins)
  • Specific functions (e.g. delete orders, modify posted transactions)

 

You can assign access codes to:

 

  • Fields on screens
  • Functions or objects
  • And then tie those access codes to profiles/groups/users

 

6.2 Role-based segregation of duties

 

For audit and compliance:

 

  • Ensure the same user can’t both create and approve critical transactions (e.g. purchase orders, vendor master data).
  • Use separate profiles and, where possible, separate users or dual approvals.

 

  1. Test the User Setup

 

Never create a user and assume everything works. Testing is essential.

 

7.1 Use a test login (or impersonate if allowed)

 

Options:

 

  • Log in as the user (if allowed and you know the password – usually only in test environments).
  • Use a similar test user with the same profiles and groups.

 

7.2 Check the following:

 

  • Menu visibility – do they only see what they should?
  • Key processes – can they:

  - Enter and save transactions (e.g. sales order, PO, journal)?

  - Validate/confirm where needed?

  - Access required inquiries and reports?

  • Restricted areas – confirm they cannot:

  - Access admin / parameter menus

  - Change core setup or master data outside their role

  - View or change sensitive financial or HR info

 

Document any issues and adjust profiles, groups, or access codes accordingly.

 

  1. Maintain Users Over Time

 

User setup is not a “set it and forget it” task. It should be part of ongoing system governance.

 

8.1 Onboarding new staff

 

Create a simple checklist:

 

  1. Confirm role / department
  2. Assign standard group and menu profile
  3. Set default site / company
  4. Test access
  5. Provide login and basic Sage X3 training

 

8.2 Offboarding leavers

 

When an employee leaves:

 

  • Immediately deactivate their user in Sage X3.
  • Remove or disable any related integration/API credentials.
  • Transfer any in-progress approvals or tasks to a replacement where necessary.

 

8.3 Periodic access reviews

 

At least once or twice a year:

 

  • Export a list of active users and their groups/profiles.
  • Have department managers review:

  - Who still needs access

  - Who needs less access

  - Any conflicts (e.g. same user doing incompatible roles)

 

Adjust profiles and users accordingly.

 

  1. Best Practices & Common Pitfalls

 

To wrap up, here are some practical do’s and don’ts.

 

Do:

 

  • Standardize naming for users, groups, and profiles.
  • Use groups and profiles rather than managing permissions per user.
  • Document your security model (who can do what, and why).
  • Regularly review inactive or stale accounts and clean them up.

 

Don’t:

 

  • Give everyone a “super user” profile just to avoid permission issues.
  • Share logins between multiple people. This breaks audit trails.
  • Change user security directly as a “quick fix” without updating the underlying profile—it will become impossible to track later.
  • Forget to test in a non-production environment before major security changes.

 

Conclusion

 

Setting up users in Sage X3 isn’t just about creating logins—it’s about designing a secure, scalable access model that supports your business processes.

 

By:

 

  • Planning roles and groups
  • Building clean menu profiles
  • Assigning users to the right groups, profiles, and endpoints
  • Testing and maintaining access

 

…you’ll have a Sage X3 environment that’s safer, easier to use, and much simpler to manage as you grow.

*Community Hub is the new name for Sage City