User Permissions Between a Workflow and Service Provider

You can invoke a security check when service provider method calls are made within a workflow

Security Using Call Methods

When configuring a Call Method activity, go to the Security area to ensure that, at run time, the current user who has acquired the task step has permission to call the method.

Two pieces of information are required to secure a call between a workflow and a service provider. These two assessments ensure that user permissions are enforced before a method is called.


Caller context	Evaluates the user against the target and determines if the correct permissions are in place.
Method information	Determines whether the method requires a permission check.

Note: For this feature to function correctly, you must configure a subprocess in one of the following ways to ensure that a user acquires the task step. Then, to verify that the task step is acquired, check the Current User property on the subprocess to ensure it is not null.

Manual Start is set to True.
A Form activity is used before the method call.

User Interface

Property	Value	Description
Enforce User Permissions	N/A	Select this check box to ensure that the user performing a task at run time has permission to call the method.