User access to Flow Designer
Summarize
Summary of User Access to Flow Designer
Administrators can manage user access to Flow Designer by assigning specific roles or delegated development permissions, allowing control over which features and content users can access. This enables application developers to utilize Flow Designer functionality effectively through APIs for flows, subflows, and actions.
Show less
Key Features
- Role Assignment: Administrators can grant the
flowdesignerrole, which allows users to create and edit flows and subflows. Caution is advised, as this role provides extensive permissions akin to the admin role. - Flow Designer Roles: Various roles such as
flowoperator,actiondesigner, and read-only roles are available, each granting specific access levels to functionality and execution details. - API Access: Developers can enable flows, subflows, and actions to be client callable, granting greater flexibility in their usage.
- Delegated Development: Administrators can create applications and assign users as developers, controlling access to certain features typically reserved for admins.
- Role-Based Content Filtering: Administrators can define which user roles are needed to access specific Flow Designer content through content definitions and filtering rules.
- Feature Access Management: Access to specific UI elements in Flow Designer can be controlled through the Feature Access List, allowing for tailored user experiences.
Key Outcomes
By effectively managing user access to Flow Designer, organizations can ensure that only authorized users can create and edit flows, maintain security, and streamline development processes. Proper role assignment enhances collaboration and productivity while mitigating risks associated with excessive permissions.
Administrators can grant users access to Flow Designer by assigning delegated development permissions or directly assigning a user role. Administrators can also specify which features and content a user can access based on user roles. Application developers can access Flow Designer functionality through APIs for flows, subflows, and actions.
Access by user role
Administrators can grant access to Flow Designer by directly assigning users the flow_designer user role, which includes the role to view flow execution details.
Administrators can also grant users one or more Flow Designer roles to enable them to create flows and subflows, view flow execution details, and create actions.
| Role title [name] | Description | Contains Roles |
|---|---|---|
| flow_designer | Enables a user to launch the Flow Designer design environment to create and edit flows and subflows. | flow_operator |
| flow_designer_scripting | Enables a user with the flow_designer or action_designer role to set and modify input values by writing inline scripts. For information, see Inline scripts. | none |
| flow_operator | Enables a user to view flow execution details, dashboards, and logs. Administrators can grant this role to users that want to be able to view flow results but not create, change, or test them. | none |
| flow_report_viewer | Enables a user to view reports for Flow Designer tables. For a list of relevant reporting tables, see Flow execution details retention. | none |
| action_designer | Enables a user to launch the Action Designer design environment to create and edit actions. | none |
| action_category_creator | Enables a user with the action_designer role to create action categories for actions and subflows. | none |
| fd_read | Enables a user to launch the Flow Designer and Action Designer design environments to view the configuration and execution
details of flows, subflows, and actions. Note: Read only roles are incompatible with roles that provide write access. Avoid granting the same user both a read only and a write access role. |
fd_read_flows, fd_read_actions, fd_read_operations |
| fd_read_flows | Enables a user to launch the Flow Designer design environment to view
the configuration and execution details of flows and subflows. Note: Read only roles are incompatible with roles that provide write access. Avoid granting the same user both a read only and a write access role. |
fd_read_operations |
| fd_read_actions | Enables a user to launch the Action Designer design environment to
view the configuration of actions. Note: Read only roles are incompatible with roles that provide write access. Avoid granting the same user both a read only and a write access role. |
none |
| fd_read_operations | Enables a user to view flow and action execution details. Administrators can grant
this role to users that want to be able to view flow results but not create, change, or
test them. Note: Read only roles are incompatible with roles that provide write access. Avoid granting the same user both a read only and a write access role. |
none |
API access
Application developers can access Flow Designer functionality through APIs for flows, subflows, and actions. Flow designers can enable individual flows, subflows, and actions to be client callable during design. For more information, see API access to Flow Designer.
Delegated development access
Administrators can grant users access to Flow Designer by creating an application and assigning users as developers with the Flow Designer delegated development permission. Delegated development allows administrators to control whether flow designers can access features normally restricted to admin users such as assigning user roles, creating access controls, or creating scripts. For more information, see Developer permissions.
Role-based content filtering
Specify the user roles necessary to access Flow Designer content. For example, flows, flow triggers, actions, and subflows. Manage content filtering by creating content definitions and content filtering rules. For more information, see Content filtering for Flow Designer.