Skip to main content

Prerequisites

Before you begin, ensure you have:
  • Polarion server administrator privileges
  • A valid Risksheet license (named or concurrent)
  • Access to the Polarion Administration panel

Understanding How User Groups Control Access

Risksheet uses Polarion user groups to determine which registered server users count as active (editing) users versus read-only users. This distinction is critical for license compliance because Risksheet license counts are based on all registered users on the Polarion server, not just users who hold Polarion licenses. diagram The server user count includes every registered account on the Polarion server, regardless of whether that account holds a Polarion ALM license, a Polarion REVIEWER license, or no Polarion license at all. This means an organization with 203 registered server accounts and only 7 Polarion licenses still has 203 server users from the perspective of Risksheet licensing.
Risksheet counts all registered server users, not just Polarion license holders. If your Polarion server has 203 registered accounts but only 7 Polarion licenses, your Risksheet license must cover all 203 server users. Users who no longer need access should be deactivated at the server level to reduce the license count. Simply removing a user from the Risksheet group does not reduce the server user count — it only changes their access from edit to read-only.

Step 1: Create the Risksheet User Group

  1. Log in to Polarion as a server administrator.
  2. Navigate to Administration > User Management > User Groups.
  3. Click Create Group.
  4. Enter the group name exactly as follows: 
    nextedy_risksheet_users
  5. Provide a description such as “Active RISKSHEET editing users” to help other administrators understand the group’s purpose.
  6. Save the group.
The group name nextedy_risksheet_users is a system convention that RISKSHEET recognizes internally. Using a different name (such as risksheet-editors or risk_users) will not grant editing access. The name is case-sensitive and must be entered exactly as shown.

Step 2: Add Users to the Group

  1. Open the newly created nextedy_risksheet_users group.
  2. Click Add Members or Edit Members (depending on your Polarion version).
  3. Search for users by name or email address and add each user who should have active editing access to RISKSHEET.
  4. Save your changes.
Only users added to this group will be able to create, edit, and save risk items in the RISKSHEET grid. All other registered server users retain read-only access — they can view risk analysis tables, navigate the grid, and export data, but they cannot modify any values. When deciding which users to add, consider the following:
User RoleAdd to Group?Access Level
Safety engineer performing FMEA/HARA analysisYesFull edit access to risk items, formulas, and columns
Quality manager reviewing risk assessmentsDepends on workflowEdit access if they need to modify items; read-only if they only review
Project manager viewing risk statusNoRead-only access is typically sufficient
External auditorNoRead-only access for compliance review
Test engineers adding verification resultsYesEdit access to update test status and link test results

Step 3: Refresh the License Page

After adding or removing users from the group, you must refresh the license configuration for the changes to take effect. This is a critical step that is frequently overlooked.
  1. Navigate to Administration > Nextedy Risksheet > License.
  2. Close the License page completely (navigate away to any other Administration page).
  3. Reopen the License page by navigating back to Administration > Nextedy Risksheet > License.
The License page reads group membership at load time and updates the internal permission cache. Without this refresh cycle, the system continues using the previous group membership snapshot.
Simply adding a user to the nextedy_risksheet_users group is not enough. You must close and reopen the Administration > Nextedy Risksheet > License page after every group membership change. This step overwrites the internal license permissions. Without this step, newly added users will see an access error when attempting to edit, even though they appear in the group. In some environments, a full Polarion service restart may be required if the License page still shows stale data after reopening.

Step 4: Verify User Access

After refreshing the License page, perform these verification checks:
  1. Confirm the Named Users count on the License page reflects the number of users in the nextedy_risksheet_users group.
  2. Ask one of the newly added users to open a RISKSHEET document.
  3. Have the user attempt an edit operation, such as changing a cell value or adding a new risk item.
  4. Verify the edit saves successfully without permission errors.
  5. Additionally, verify that a user not in the group can view the RISKSHEET but receives a read-only indicator when attempting to edit.
If any user reports access issues after being added to the group, refer to the troubleshooting section below.

Managing the POWERSHEET User Group

If your environment also includes Nextedy POWERSHEET, an additional user group is required for license alignment. When both RISKSHEET and POWERSHEET are installed with production licenses, the system reads active user assignments from the POWERSHEET group.

Creating the POWERSHEET Group

  1. Navigate to Administration > User Management > User Groups.
  2. Create a new group named: 
    nextedy_powersheet_users
  3. Add all users who need edit access to both RISKSHEET and POWERSHEET.
  4. Save the group.
  5. Navigate to Administration > Nextedy Risksheet > License and close/reopen the page to refresh.
When upgrading RISKSHEET to version 25.11.0 or later in an environment where POWERSHEET is also installed, the nextedy_powersheet_users group becomes mandatory. If this group does not exist, the License page will show 0 named users configured and all licenses as inactive, even though users are correctly assigned to nextedy_risksheet_users. Create the nextedy_powersheet_users group and add your users to resolve this issue immediately after the upgrade.

Migrating Between Groups

If you are transitioning from a RISKSHEET-only deployment to a combined RISKSHEET + POWERSHEET deployment:
  1. Create the nextedy_powersheet_users group.
  2. Copy all members from nextedy_risksheet_users to nextedy_powersheet_users.
  3. Navigate to Administration > Nextedy Risksheet > License and close/reopen the page.
  4. Confirm the named user count reflects the nextedy_powersheet_users membership.
  5. Once verified, you can optionally clean up the old nextedy_risksheet_users group, but keeping it populated is harmless.
Until you confirm the migration is complete, keep both groups populated with the same members. This provides a safety net if you need to roll back the POWERSHEET installation. You can remove the old group assignment after verifying that the License page correctly reads from nextedy_powersheet_users.

Removing Users from the Group

When a team member no longer needs editing access:
  1. Navigate to Administration > User Management > User Groups.
  2. Open the nextedy_risksheet_users group (or nextedy_powersheet_users if POWERSHEET is installed).
  3. Remove the user from the group membership.
  4. Navigate to Administration > Nextedy Risksheet > License and close/reopen the page to refresh permissions.
The removed user will lose editing privileges on the next page load and revert to read-only access. Any unsaved changes in an open RISKSHEET session will fail to save.
Removing a user from the RISKSHEET group changes them from edit to read-only, but it does not reduce your server user count for licensing purposes. To reduce the total server user count (and potentially reduce license costs), you must deactivate or delete the user account at the Polarion server level.

License Count and the SMB Discount

RISKSHEET offers a Small and Medium Business (SMB) discount tier for organizations with 50 or fewer registered server users. Understanding how server users are counted is essential for maintaining SMB eligibility.
FactorDetails
Server user countAll registered accounts on the Polarion server, regardless of Polarion license type or active status
SMB threshold50 server users maximum to qualify for SMB pricing
Active user groupControls who can edit; does not reduce the server user count for licensing
Deactivating accountsRemoving unused server accounts at the Polarion level reduces the total server user count
Locked accountsLocked (but not deleted) accounts still count as registered server users
To stay within the SMB discount threshold or reduce your overall license cost, audit your Polarion server for inactive, locked, or test accounts. Deactivating or deleting these accounts at the server level (not just removing them from the RISKSHEET group) is the only way to reduce the total server user count that your RISKSHEET license must cover.

Troubleshooting Common Issues

User cannot edit after being added to the group
  • Confirm you closed and reopened the License page after adding the user (see Step 3).
  • Verify the user is added to the correct group: nextedy_risksheet_users for RISKSHEET-only deployments, or nextedy_powersheet_users if POWERSHEET is installed.
  • Check that the user’s Polarion account is active and not locked.
  • In some environments, a Polarion service restart may be required if the License page still shows stale data after reopening.
License page shows 0 named users after upgrade
  • If POWERSHEET is installed alongside RISKSHEET v25.11.0 or later, create the nextedy_powersheet_users group and add all relevant users.
  • Close and reopen the License page to trigger a permission refresh.
  • If the count remains at 0, restart the Polarion service.
Server user count exceeds expectations
  • Audit the Polarion server for deactivated, locked, or test accounts that remain registered.
  • Each registered account counts toward the RISKSHEET license total, even if the account has never logged in or has no Polarion license assigned.
  • Service accounts and API-only accounts also count as registered server users.
POWERSHEET features not available despite license
  • RISKSHEET automatically detects and unlocks additional features when a valid POWERSHEET production license exists. Evaluation and trial POWERSHEET licenses do not enable these enhancements.
  • License changes are detected automatically — when the POWERSHEET license status changes (activated, expired, or upgraded from evaluation to production), RISKSHEET features adjust accordingly without requiring a server restart.

Verification

You should now see:
  • The nextedy_risksheet_users group (and optionally nextedy_powersheet_users) listed under Administration > User Management > User Groups
  • The correct count of active named users displayed on the Administration > Nextedy Risksheet > License page
  • Group members able to open, edit, and save changes in Risksheet documents
  • Non-group members restricted to read-only Risksheet access with no ability to modify data

See Also

  • Understand License Types — overview of named, concurrent, and evaluation license models and how server users interact with each type
  • Assign Active Users — step-by-step guide for assigning individual active users to specific license slots
  • Choose License Tier — compare license tiers and SMB discount eligibility
  • Configure Permissions — Polarion role and permission configuration for Risksheet access control
  • Update Risksheet — version upgrade procedures that may affect user group requirements
Support TicketsSource Code
  • RisksheetProduct.java