Access Permissions control who can view and edit specific sections and fields in an application during each step of the workflow. They ensure that only authorized users can interact with data at the right stage of a process.
¶ Why Access Permissions Matter
Access Permissions help maintain data security, prevent unauthorized edits, and create a smooth workflow experience. By assigning permissions, you decide:
- Who can enter or modify data.
- Who can only view data.
- Who should not see certain fields at all.
¶ Understanding the Access Permissions Page
The Access Permissions page is divided into two sections:
- Permission – Step Name (Left Panel):
Lists all the workflow steps defined while creating the workflow. Each step corresponds to a specific role or actor in the process (e.g., Initiator, Approver, Manager). - Sections and Elements (Right Panel):
Displays all sections and fields from the form that were built in the Form Builder.
For each field, you can assign one of the following permissions:- Editable: The actor can enter or change data in this field.
- Read-only: The actor can view the field’s data but cannot make changes.
- Hidden: The field is not visible to the actor during that workflow step.
- Custom: Enables more advanced, fine-tuned control over specific fields or sections.
Example:
In the image below, you can see how permissions are defined for different workflow steps.
For instance:
- Project Risk and Risk Title are set as Editable, allowing users to input data.
- Risk Category is set to Hidden, meaning this field will not appear for that actor in the app during this step.
- Some fields like Project Name are set as Readonly, so users can see the data but cannot modify it.
This setup ensures that each actor only interacts with fields relevant to their role in the process.
¶ Define Access Permissions
- Go to the Access Permissions tab in the Application Builder.
- Select a workflow step from the left panel.
- On the right panel, choose the appropriate permission for each field:
- Editable if the user needs to input or modify data.
- Read-only if the user should only view the data.
- Hidden if the user should not see that field at all.
- Repeat this for all sections and workflow steps as required.
- Click Save after defining all permissions.
¶ How It Works in Practice
If there are three sections in a form and three actors in a workflow:
- Each actor will see only the sections allowed for their step.
- If a section is Hidden for an actor, it won’t appear during their transaction.
- If a section is Readonly, they can view data but cannot edit it.
- Only actors with Editable permissions can enter or update data in those fields.
This ensures that every participant works only with the data that is relevant and authorized for their role.