Skip to main content
Skip table of contents

Workflow Administration Policies

Definition

A Workflow Administration Policy is composed of a right which encompasses several Features.
Once this right is given to users, they will have access to all the listed Features in the Workflow Administration Policies.

Workflow Administration Policy describes:

  • Who Accesses

  • Which Features

  • What Objects

Workflow Administration Policy is configured with:

  • an Access Right Grant that identifies whom the policy applies to

  • a set of Features that identifies which Features are accessible

  • a set of Scopes that identify what Managed Objects are accessible (one scope for each kind of Object).

Several Workflow Administration Policies can be configured in the system, some of them authorize access to the same Features.

Configuration

You can access the Workflow Administration Policiy configuration :

  • by clicking on "Portal" → “Workflows Administration Policies

  • by clicking on "System" → "Configurations" → "Business Model" and perform an import/export.

Properties

Property name

Type

Mandatory

Description

id

String

YES

The id is the unique identifier of the Workflow Administration Policy.

It is case sensitive and no special characters (except - or _) are allowed.

name

String

YES

The Workflow Administration Policy name.

The name may be different from the identifier.Must be at least 4 characters long.

description

String

NO

Used to describe the Workflow Administration Policy.

right

String

YES

Used to indicate the id of the configured right.

features

String

YES

Allows to list the ids of the configured Features.

feature

String

YES

Used to indicate the id of Feature.

scope

-

NO

Allows to configure a restriction on Object kind that can be accessed by the listed Features.

requesterScope

-

NO

Allows to configure a restriction on Identities that can  access the listed Features.

Example

Workflow Administration Policy Exmpale
XML 
<?xml version="1.0" encoding="UTF-8"?>
<kit:DataSet xmlns:ctd="http://www.memority.com/citadel/1_0" xmlns:ctdbpmn="http://www.memority.com/citadel/bpmn/1_0" xmlns:ctdbum="http://www.memority.com/citadel/bum/1_0" xmlns:ctdcore="http://www.memority.com/citadel/core/1_0" xmlns:ctdidm="http://www.memority.com/citadel/idm/1_0" xmlns:ctdrep="http://www.memority.com/citadel/rep/1_0" xmlns:ctdrule="http://www.memority.com/citadel/rule/1_0" xmlns:ctdtnt="http://www.memority.com/citadel/tnt/1_0" xmlns:kit="http://www.memority.com/toolkit/1_0" xmlns:rule="http://www.memority.com/toolkit/rule/1_0" xmlns:ruleaddon="http://www.memority.com/toolkit/addons/rule/1_0" xmlns:search="http://www.memority.com/toolkit/search-expression/1_0" xmlns:settings="http://www.memority.com/toolkit/addons/settings/1_0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <ctdbum:FeatureWorkflowAdministrationPolicy id="wkf-admin">
    <name>Workflow administration policy - Super Admin</name>
      <description></description>
      <right>adm.mbe</right>
      <features>
         <feature>user-card-create</feature>
      </features>
      <scope type="EXPRESSION" objectKind="IDENTITY">
         <searchExpression/>
         <objectTypes/>
      </scope>
      <scope type="EXPRESSION" objectKind="ORGANIZATION">
         <searchExpression/>
         <objectTypes/>
      </scope>
      <scope type="EXPRESSION" objectKind="RESOURCE">
         <searchExpression/>
         <objectTypes/>
      </scope>
      <scope type="EXPRESSION" objectKind="ROLE">
         <searchExpression/>
         <objectTypes/>
      </scope>
      <scope type="EXPRESSION" objectKind="ROLE_PUBLICATION">
         <searchExpression/>
         <objectTypes/>
      </scope>
      <requesterScope type="EXPRESSION" objectKind="IDENTITY">
         <searchExpression/>
         <objectTypes/>
      </requesterScope>
   </ctdbum:FeatureWorkflowAdministrationPolicy>
</kit:DataSet>

Read Next

Business Policies — A Business Policy allows to configure how to trigger actions on Object Types through a Feature with an optional configured Workflow.
Object Policies — An Object Policy is an Identity Management Service Policy allowing to execute arbitrary actions on Managed Objects, either on a scheduled basis, or in reaction to an Object Operation.
Deduplication Policies — A Deduplication Policy describes how duplicates should be searched for when creating a managed object.
Feature Access Policies — A Feature Access Policy is composed of a right which encompasses several Features.
Manual Provisioning Policies — A Manual Provisioning Policy allows to define that manual provisioning or deprovisioning Workflow is launched when the Role assignment status changes.
Object Lifecycle Policies — An Object Lifecycle Policy allows to configure rules, on all Object Types, that will alter an Object attribute directly when certain lifecycle events occur.
Password Policies — A Password Policy determines how passwords should be composed and which rules apply to their lifecycle.
Role Request Policies — A Role Request Policy allows to define if a Role can be requested, for whom, by whom, and using which Workflow.
Workflow Administration Policies — A Workflow Administration Policy is composed of a right which encompasses several Features.
Memority MFA Account Policies — A Memority MFA Policy allows to configure how multi factor authentication should be applied to a population of user
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close