User Permissions Between a Workflow and Service Provider

You can invoke a security check when service provider method calls are made within a workflow

Security Using Call Methods

When configuring a Call Method activity, go to the Security area to ensure that, at run time, the current user who has acquired the task step has permission to call the method.

Two pieces of information are required to secure a call between a workflow and a service provider. These two assessments ensure that user permissions are enforced before a method is called.
Caller context Evaluates the user against the target and determines if the correct permissions are in place.
Method information Determines whether the method requires a permission check.
Note: For this feature to function correctly, you must configure a subprocess in one of the following ways to ensure that a user acquires the task step. Then, to verify that the task step is acquired, check the Current User property on the subprocess to ensure it is not null.
  • Manual Start is set to True.
  • A Form activity is used before the method call.

User Interface

Enforce User PermissionsN/ASelect this check box to ensure that the user performing a task at run time has permission to call the method.