Workflow 4 – Security

The Security section of the Workflow tab is where you get to define workflow level security, i.e., which users can do what things with the records created with this form, at each stage of the workflow. You set which roles can just read the record, which edit it, and which can delete it. You can even define who can see or edit each individual field, section or workflow action button.

Example: In an expense management application, an employee can view and edit their expense report records, but the approver can see all employee’s expense reports. The employee doesn’t see the approver section of the form when they create and submit their expense report. Once submitted the approver can view but not edit the information entered by the employee, but they can add comments in the approval section and approve or reject the record. Once approved, the employee will be able to see their own records, but not edit them.

Note: This page is about the New Workflow UI Overhaul. The old Workflow UI is still available–the new UI is accessible using the New Workflow tab on the form editor, and the old Workflow and Security tabs follow it. The available features of the new UI are identical to the old UI, but this new UI is designed to be easier to navigate and manage by combining Workflow and Security in the same tab. These changes will become the standard in the future, but you can begin learning how to navigate the new UI now.

Workflow Tab

The Workflow tab can be broken down into three sections:

  • Stages (1)
  • Action Buttons (2)
  • Security (3)
Workflow Tab

Workflow Security

Defining workflow security involves setting which roles can access the form’s records at each stage in the workflow and what access rights they have.

The Security section is where you define workflow level security, i.e., who can do what with the records created with this form. In this section you determine who can view, edit, or delete records. You can even define who can see or edit each individual field or section, at each workflow stage. You need to create your workflow stages before you can assign security to them. (See the article Workflow 1 – Stages for more details on creating and managing workflow stages.)

Workflow Security

Role & Permission

The Role list simply displays all your application roles.

The Permission here are role specific, and are general permissions for records in this stage of the workflow. The Permission options are:

  • None: Records at the current stage will be completely invisible to the associated role.
  • View: Users in the role will only be able to view records at this stage, not edit or delete them.
  • Edit: Users in the role can edit records at this stage, but not delete them.
  • Delete: Users in the role can edit and delete records at this stage.

Note: If you give a role View permissions here, you will not be able to set any field or section to Edit in the Field Security. If you select None, the Field Security options will be hidden for this role.

Field Security

Depending on the Permission setting you chose for the role, Field Security allows you to set even more specific field and section permissions.

Field Security

Header Overview

In the top-left corner of the image above, you can see that this is the Field Security for the Record Owner role in the Negotiation workflow stage.

Right below that are the Action Buttons for the Negotiation stage highlighted in blue: Mark as Won and Mark as Lost. This means that the Record Owner role can see and click these Action Buttons. You may select the buttons here to hide them from the role; when hidden from the role they will display White here (but they will be invisible on the form).

Field Security Buttons Hidden
Hidden action buttons.

In the top-right corner, Preview as Role opens your form from the perspective of the role. As you make changes to permissions, use this option to make sure the role is seeing exactly what you want.

Copy Permissions allows you to copy section & field permissions that you set for this role, and apply them to other roles. After selecting this option, a dialog will open where you can choose to copy either All Fields, Specific Sections, or Specific Fields. You will then choose which stages and roles you want to apply them to.

If you check the ‘User can save‘ checkbox, users in this role will be able to save any edits or changes they make to the record at this stage, without moving it through the workflow. That is, a save icon will display in the top right corner of the record, enabling them to make changes to the record without needing to use the action buttons. This option only displays if the role has Edit or Edit & Delete permissions for this stage.

Section & Field Permissions

All of your form’s sections and fields are laid out in the Field Security panel. For each field and section, you can pick one of three (3) permission settings: Hidden, Readonly, or Edit.

Field Specific Security Options
Workflow Security Hide IconHidden – This field or section will be completely invisible to the role at this stage.
Workflow Securiy Lock IconRead Only – This field or section will be visible but not editable for the selected role at this stage.
Workflow Security Edit IconEdit – This field or section will be editable for the selected role at this stage.

    Note: Changing a Section’s permission settings will change all fields within that section to that setting. However, you can still change individual field permissions afterward. Section permissions are a good way to quickly change all field permissions simultaneously if, for example, you want the majority of fields to be Readonly, and only a few editable.

    Next Steps

    Learn more about Roles & Users here.

    Learn about creating Email Templates for your workflows here and here.

    Create PDF Templates for your workflows. Learn more here.

    Updated on March 2, 2023
    Was this article helpful?

    Related Articles