Workflow permissions
You can define who has access to view, interact with, manage, or create workflows through a combination of global and resource permissions, roles and configuration settings.
While you can fine-tune where workflows are available and who has access to them, the actions performed by workflows are not restricted by the permissions of the users who are starting or participating in them.
Requirements and permissions
You have a global role that has the System administration global permission.
To edit permissions and roles, you must have a global role that has the System administration global permission.
Accessing the Workflow Designer
To access the Workflow Designer, you must have a global role that has the Workflow Designer access global permission. Once enabled, a link to the Workflow Designer will be added to the application menu.
Managing workflows
To manage workflows in Collibra, you must have a global role with the Workflow Administration or the System administration global permission, which allow you to:
- View workflows.
- Back up workflows.
- Deploy workflows.
- Modify workflow definitions in Collibra.
- View the running instances of workflows.
- View the running instances of Collibra-managed processes.
- Restore workflows.
- Edit the workflow configuration options in Collibra.
Interacting with workflows
At the platform level, you can manage who can start or participate in workflows by assigning the following permissions to the global roles that must interact with workflows:
- Start workflow
- Participate in workflow
Users that have a global role with the Workflow Administration or System administration permission do not require these permissions explicitly.
At the workflow level, use roles to allow specific users to start, stop or reassign workflow tasks. You can configure the roles for each workflow individually in the workflow definition settings page:
-
On the main toolbar, click
, and then click
Settings.
The Collibra settings page opens. - Click Workflows.
The Workflows settings page appears on the Definitions tab page. - Select a workflow.
- Edit the settings in the Roles section of the workflow definition.
Viewing workflow tasks
Normally, you can only view tasks if you are a candidate user for the task. If you have a role with the Manage workflows resource permission for the asset related to the task or if you have the View all running tasks global permission, you can also see ongoing tasks that are assigned to other users in the All Tasks tab on the tasks page.
Use workflow message events permission
Use workflow message events is a global permission that allows you to pass message events to the workflow engine via an API call.
POST /workflowInstances/<processInstanceId>/messageEvents/<messageName>