Access Control

ProcessMaker IDP uses role-based access control to manage permissions through roles and policies instead of individual user settings. Here's how it works:

• Role-Based Access Control: Permissions are assigned based on roles created by an administrator. These roles determine what actions users can perform, such as reading, creating, or modifying documents.

• Permissions and Policies: Policies connect roles to specific permissions and entities, defining the actions users can take. For example, a policy might allow users to read a document but not edit it. These policies ensure users have the necessary access without compromising security and system integrity.

User Experience

Users will see different options and actions in the document management interface based on their roles. For example, managers can create and manage folders, while team members might only have access to upload and view documents within their assigned folders.

The following permissions are available and can be configured by an Administrator in your organization:

• Read: A user with this permission can view the attributes and content of an entity.

• Create: A user with this permission can create an entity.

• Modify: A user with this permission can view/update the attributes and content of an entity. And also create/modify annotations of an entity.

• Delete: A user with this permission can delete an entity.

• Read permissions: A user with this permission can view permissions of an entity.

• Modify permissions: A user with this permission can view and update permissions of an entity.

• Download: A user with this permission can download an entity.

These settings ensure users have the appropriate level of access to perform their roles while keeping documents secure.

For detailed instructions on setting up roles and permissions, refer to the Authorization section in IDP Administrator documentation.