M301 ADMIN-PRIVILEGE
Last updated Mar 14, 2017

Grant Administrator Privilege of the Whole System

To set the entire Workflow platform (BPM System), you need to have System Privileges called [System Administrator Authorization], or [User Manager Authorization]. Furthermore, to register a new Business Process Definition (App), You need to have those called [App Creator Authorization].

M301-1-en


a. System Administrator Authorization
Besides granting a System Privilege to an arbitrary user, you can set the whole system
b. User Manager Authorization
You can Add, Suspend a user account, Resetting a user’s password
c. App Creator Authorization
Add new Business Process Definition (App)
R3010 List of Authorization of System Privileges
  • Display of administration menu and control button differs according to the privilege you have
  • For example, you cannot add a User account in the case of having nothing but System Administrator Authorization
a. Minimize Privilege
Grant minimal privilege that is necessary for System Administration Business to the user
b. Forbid Account Sharing
Do not issue such accounts as “Administrator” or “root” that can be sharing
  • There are no such universal and extensive privileges that enable all System Settings or Business Definition
  • In the case of double login by same user account, the ongoing session is disconnected
a. Grant to one User
Select from registered User Accounts
b. Grant to Users in an Organizational unit
Select a registered Organization to grant to all the belonging Users
  • To grant System Privileges, you need to have System Administrator Authotization
  • When granted to members of Organizational unit, the privilege will be lost at leaving from the Organization
  • In granting to Organizational unit, you can limit to the Leaders only
  • All Users can see their own privileges in Account Settings menu

M301-2-en
M301-3-en