This guide aims to support the users of the PLM Portal - PUI in completing the steps needed to gain access to the platform to manage authorised products data in PUI.
Important note: PUI roles are currently only available to participants in the PUI UAT.
Checklist to access the PLM portal – PUI
- An active EMA user account - you can log in to your EMA account or create an account at EMA account management
- the organisation you are working for listed in EMA’s Organisation Management Service (OMS) — if you have previously submitted applications, your organisation is probably listed in OMS. You can check whether your organisation is in OMS by searching using 'Request Access for Organizations' at EMA account management. In case your organisation is not in OMS, you can request a new organisation.
- PUI user access role(s) assigned to your EMA account — this guide provides information about the PUI roles available to UAT participants. Once you know which role you wish to apply for, you can request roles as described in the section below.
PUI user access roles
Roles are assigned to single users and are granted at organisation level – not at PUI level. For instance, a user should not be referred to as an ‘Qualified User of PUI X’ and ‘User of PUI Y’. If a user holds the Qualified User role, s/he plays that role for the organisation on whose behalf s/he is acting. A user may be referred to as an ‘Qualified User of organisation X’ and ‘User of organisation Y’.
For every organisation you belong to, you can request a different role type.
1. Industry roles
There are 3 industry roles enabling different levels of access for management of PUI.
| User | Applicant role names |
| Industry user(s) | UAT_PUI Industry User |
| UAT_PUI Industry Qualified User |
2. Regulator roles
There are 2 regulator roles. Users with these roles work for a National Competent Authority (NCA) and can act behalf of their authority.
| User | Regulator role names |
| NCA user(s) | UAT_PUI NCA User |
| UAT_PUI NCA Qualified User |
3. Admin roles
There is 1 admin role per type of user. Users with these roles are able to approve or reject roles requests from within their organisation.
| User | Admin role names |
| Industry user(s) | IRIS / PLM Industry Admin |
| NCA user(s) | IRIS / PLM NCA Admin |
| EMA user(s) | IRIS / PLM EMA Admin |
If you already have an admin role for IRIS, eAF or ePI, and your organisation is participating to any eAF or ePI UAT, you will automatically also be an admin for PUI.
The above roles can approve/reject PUI users and qualified users during the PUI UAT (even though PUI is not mentioned in the role names).
Grants provided by user access roles
Industry and NCA roles
The table below summarises the operations that each industry and NCA role can perform in the PLM Portal - PUI.
Table 1: Industry User roles versus permissions in PUI as stated in On-boarding of users to Substance, Product, Organisation and Referentials (SPOR) data services.
| Permissions | IRIS / PLM Industry Admin | UAT_PUI Industry User | UAT_PUI Industry Qualified User |
| Login to SPOR | ü | ü | ü |
| View Product | û | ü | ü |
| Search Product | û | ü | ü |
| Edit Product | û | ü | ü |
| Edit Products in Bulk | û | û | ü |
| Clone Product | û | û | ü |
| Compare Products | û | ü | ü |
| Compare Product Versions | û | ü | ü |
| Export Product | û | ü | ü |
| Create Product | û | û | ü |
| Delete Draft Product | û | û | ü |
| Nullify Product | û | û | ü |
| Transfer Product Ownership | û | û | ü |
| Grant/revoke access to SPOR API in the Account Management Portal | ü | û | û |
Table 2: NCA User roles versus permissions in PUI as stated in On-boarding of users to Substance, Product, Organisation and Referentials (SPOR) data services.
| Description | IRIS / PLM NCA Admin | UAT_PUI NCA User | UAT_PUI NCA Qualified User |
| Login to SPOR | ü | ü | ü |
| View Product | û | ü | ü |
| Search Product | û | ü | ü |
| Edit Product | û | û | ü |
| Edit Products in Bulk | û | û | ü |
| Clone Product | û | û | û |
| Compare Products | û | ü | ü |
| Compare Product Versions | û | ü | ü |
| Export Product | û | ü | ü |
| Create Product | û | û | û |
| Delete Draft Product | û | û | û |
| Nullify Product | û | û | ü |
| Transfer Product Ownership | û | û | ü |
| Grant/revoke access to SPOR API in the Account Management Portal | ü | û | û |
We recommend granting the role that allows the user to access only the resources necessary for its purpose. When requesting/granting roles keep in mind:
- The PUI roles enable users to read only data during the PUI UAT and first PUI Go-live.
- The PLM Admin roles can approve/reject (through the EMA Account Management portal) other users' requests for access to UAT environments PMS PLM PUI on behalf of an organisation they are affiliated with. This user role also includes the revocation of these roles should the user no longer represent their organisation.
- The PUI User roles are equal to Level 2b and Level 3 for Industry and NCA respectively as stated in the EU IG Chapter 5 and relevant Annex A.
- PUI Industry User can have access in UAT environment of PLM PUI to a limited subset of their own authorised human medicinal product to fulfil their legal responsibilities for their own products. This role is indicated to Contractors, vendors and other external service providers working for a specific organisation on the PMS subject.
- The PUI NCA User can have full access in UAT environment of PLM PUI to authorised product data elements and limited access to the functionalities as stated in the On-boarding of users to Substance, Product, Organisation and Referentials (SPOR) data services.
- The PUI Qualified User roles are equal to Level 2a and Level 3 for Industry NCA respectively as stated in the EU IG Chapter 5 and relevant Annex A.
- PUI Industry Qualified User can has access in UAT environment of PLM PUI to both public and restricted subsets of their own authorised human medicinal product to fulfil their legal responsibilities for their own products. This role is indicated to MAHs.
- PUI NCA Qualified User has full access in UAT environment of PLM PUI to authorised product data elements. User with this role has full access to the functionalities as stated in the On-boarding of users to Substance, Product, Organisation and Referentials (SPOR) data services.
Admin roles
The table below summarises the PUI roles that each admin role can approve or reject for their organisation.
| Grant | IRIS / PLM Industry Admin | IRIS / PLM NCA Admin | IRIS / PLM EMA Admin |
Can approve/reject role requests and remove roles for:
| ü | û | û |
Can approve/reject role requests and remove roles for:
| û | ü | û |
Can approve/reject role requests and remove roles for:
| û | û | ü |
If organisations intend to have more than a user accessing the PLM Portal – PUI, then it is required that some user performs the access management for that organisation. In that case:
- Each industry organisation should have at least one user with the IRIS / PLM Industry Admin role;
- Each NCA should have at least one user with the IRIS / PLM NCA Admin role.
Industry and NCA can request multiple roles.
How to request roles
Prior to the submission of role requests, you must ensure that you have an active EMA account and that the organisation on whose behalf you will be acting is listed in the EMA’s Organisation Management Service (OMS).
- To request PUI roles, first sign in to EMA account management
- Next click on 'Request Access for Organizations'. This will enable you to find and select your organisation.
- Once you have selected your organisation, click 'Next'. The roles you can apply for will be displayed. Select the role and click 'Next'.
- The first IRIS / PLM Industry/NCA Admin user request of your organisation will be submitted for approval of the IRIS / PLM EMA Admin.
- Any subsequent IRIS / PLM Industry/NCA Admin request of your organisation will be submitted for approval of the first approved IRIS / PLM Industry/NCA Admin user of your organisation.
- To follow the status of your request, from the EMA account management homepage, go to 'Track My Requests'.
To learn more about PMS roles and which roles to request, see the above sections PUI user access roles and Grants provided by user access roles.
Multifactor authentication when logging in to PLM portal
Logging into the PLM Portal requires multi-factor authentication (MFA).
This means that, in addition to the standard username and password, you are required to verify your identity with an additional authentication method. MFA adds a layer of security to access your account and it protects your data from being accessed by an unauthorised third party.
The additional authentication step can be using an app – the Microsoft Authenticator app – considered the most secure method. A SMS sent to a mobile phone number or calls to an office or a mobile phone number are other possible authentication methods. Please access My Account to manage/setup your MFA authentication methods.
Authentication steps when signing in to the PLM portal
1. On clicking Sign in at the PLM portal, pick an account.
Important note: You must sign in with your username followed by @id.ema.europa.eu: for example, surname_n@id.ema.europa.eu
2. Enter password
Use the same EMA account password you use at EMA account management.
3. Verify your identity
Select one of the following authentication methods to verify your identity:
- Microsoft Authenticator app: The authenticator app is considered the most secure and convenient authentication method. Use the Microsoft Authenticator app in your registered mobile device to prove who you are either by:
- Approve a request on your Microsoft Authenticator app: You receive a notification in your registered mobile device, which will direct you to the Microsoft Authenticator app. There, a pop-up will be displayed which you must Approve/Deny the sign in attempt.
- Use a verification code: In the Microsoft Authenticator app, every 30 seconds a verification code is generated. Enter the code generated in the Microsoft Authenticator app.
- SMS: You receive a verification SMS code in your registered mobile phone. Add that code to sign in.
- Call: You receive a phone call in your registered mobile phone. In the call, approve/deny the sign in attempt.
4. Set up of multifactor authentication.
Access My Account to manage/setup your MFA authentication methods. In this link, you can find guidance on how to setup the above-mentioned authentication methods.
Support
Registration for PLM portal – PUI is currently restricted to PUI pilot participants only.
Pilot participants experiencing any issue with user registration should contact the EMA Service Desk.