Applying Workflow Security

Workflow Engine Security Policies

You can create security policies by going to Space -> Settings -> Workflow -> Policy Rules in the Platform Administration Consoles. Note that if you do not see this option, it is likely because of a security policy in place.

You can then create Console, Category, and API security policies. These are generally based on part of a user's identity (such as team/group membership). For example, this rule content would check if the user is a member of the team called Administrators:

@identity.is_member_of('Administrators')

There can also be rules based on the location of the user/call. For example this Localhost Only rule:

['127.0.0.1'].include?(@request.remote_addr)

Security on Categories

You can apply any existing security policies to any category by going to: Space -> Settings -> Workflow -> Categories in the Platform Administration Consoles and selecting or creating a category. Within that category is a "Security Policies" section where you can add or remove any security policy.

Security on Sources

You can apply any existing security policies to any category by going to: Space -> Settings -> Workflow -> Sources in the Task/Workflow Administration Consoles and selecting or creating a source. Within that source is a "Security Policies" section where you can add or remove any security policy.