The access to individual components or modules of a Web App can be controlled by access rights assigned to user groups or roles. These access rights define which users are allowed to access which Web Apps or individual components.
Roles are assigned by the identity provider (IdP) configured on the system (for example, Keycloak or other OIDC-compliant IDPs). Each user can be assigned one or more roles.
You can set the access rights in the .wac file in the Access Rights Configuration pane of the Access Right tab.
Note:
In the Source view, access to the Web App is specified via roles in the <AccessRights> element.
To create the Access Rights
-
Open the
.wacfile. -
Go to the Access Right tab.
-
In the Access Rights area, click Add.
-
Enter a name for the new Access Right.
This name is used in the components and modules in the accessRight attribute.
-
In the Roles section, click Add.
-
Specify the exact name of the associated role.
The name must correspond exactly to the name of the role in the identity provider. Otherwise, it is not possible to match the role in X4 BPMS with the role in the identity provider.
⇾ You can now use the roles created in the components and modules in the accessRight attribute.