Restricting access to a flow

Security

The following fields are available in the Security section of the form.

Field	Description
Security	[Restricting access to a flow; who can run it, who can work on assignments in it] Security restrictions on flows can limit how the flow may be executed. Order is not significant in these two arrays. Note: Technically, if Creates a new work item is selected, flow execution only begins when a user submits a completed New user form. The system evaluates the restrictions in this array when the flow starts, rather than before the flow starts. As a result, if a user does not hold any of the privileges listed here, or at least one of the when condition rules is false, an Unable to authorize flow execution error condition appears after the New user form is submitted.
Privilege Class	Optional. To restrict use of this flow to only those users who hold a specific privilege, click Add a privilege to enter a class that the system can use with rule resolution to locate the Applies To key part of a privilege rule.
Privilege Name	Optional. Enter the second key part — Privilege — of a privilege rule to limit which users can create or update a work item with this flow. The system uses the Privilege Class and Privilege Name values with class inheritance to look for the privilege rule. When the privilege array is not blank, a user must hold at least one of the privileges listed to use this flow. When Name field: Enter the second key part — When Name — of a when condition rule to specify conditions supporting business logic for the flow. The system uses the Applies To key part of this rule as the Applies To key part of the when condition rule. For example, you can restrict such executions to mornings only, or to only those users in a specific department. If the conditions are not met, the Unable to authorize flow execution error condition appears after you submit the new user form. When multiple when conditions are defined, all must evaluate to true for the flow to proceed.

Field

Description

Security

[Restricting access to a flow; who can run it, who can work on assignments in it]

Security restrictions on flows can limit how the flow may be executed. Order is not significant in these two arrays.

Note: Technically, if Creates a new work item is selected, flow execution only begins when a user submits a completed New user form. The system evaluates the restrictions in this array when the flow starts, rather than before the flow starts. As a result, if a user does not hold any of the privileges listed here, or at least one of the when condition rules is false, an Unable to authorize flow execution error condition appears after the New user form is submitted.

Privilege Class

Optional. To restrict use of this flow to only those users who hold a specific privilege, click Add a privilege to enter a class that the system can use with rule resolution to locate the Applies To key part of a privilege rule.

Privilege Name

Optional. Enter the second key part — Privilege — of a privilege rule to limit which users can create or update a work item with this flow.

The system uses the Privilege Class and Privilege Name values with class inheritance to look for the privilege rule.

When the privilege array is not blank, a user must hold at least one of the privileges listed to use this flow.

When Name field: Enter the second key part — When Name — of a when condition rule to specify conditions supporting business logic for the flow. The system uses the Applies To key part of this rule as the Applies To key part of the when condition rule.

For example, you can restrict such executions to mornings only, or to only those users in a specific department. If the conditions are not met, the Unable to authorize flow execution error condition appears after you submit the new user form.

When multiple when conditions are defined, all must evaluate to true for the flow to proceed.