Applies to version 2020.1.3; author: Michał Kastelik
Introduction
It may be necessary to grant access to WEBCON BPS Portal and its processes to users from outside the organization. Such a user will most often not have an account in the organizational Active Directory (or in another user database).
Examples of such situations are:
To avoid adding external users to the organizational user database, WEBCON BPS allows you to add them from the portal’s administration panel. After adding the user, they must be granted appropriate privileges to the required WEBCON BPS processes.
To properly understand the operation of the user’s administration panel, two concepts should be introduced:
Adding a user via the administration panel authorizes and enables access to WEBCON BPS Portal for accounts managed by external identity providers, such as Google, Azure ID, LiveID, BPS Auth, ADFS. First, the user must authenticate with the appropriate provider, for example with a login and password. To log into WEBCON BPS Portal, authentication with external providers must be configured in Designer Studio.
It is possible to configure the authentication so that you can log into WEBCON BPS Portal with an external provider. However, the BPS users list will not be automatically synchronized with that provider. After adding the user to the BPS users list, the system administrator must grant them access to the required application(s) and process(es). In the case of WEBCON BPS Cloud, the administration panel is also used to manage user licenses.
Business case
To explain how to use the BPS users list, we have created a simple “Purchase order” workflow. At the “Purchase order approval” step, the order must be consulted with a person from outside the organization who is not on the BPS users list. To do so, we will add an external user and give them appropriate privileges.
Fig. 1. The fragment of the “Purchase order” workflow
Adding a user to the WEBCON BPS users list
To add a user to the list from the portal level, you must have global system administrator privileges (System settings -> Global parameters -> Global privileges). Go to the Administration tab -> User management -> All users.
Fig. 2. The Administration panel
Fig. 3. The All users tab
The WEBCON BPS users list contains both users synchronized with the internal user database and external users (“Type” column). The list of users synchronized with AD comes from Active Directory and is completed after each synchronization. In the case of WEBCON BPS Cloud, the users list administration tab is also used to manage user licenses:
Let’s add the “Artur Rohacz” user from the external “WeeSter” company to the users list. Select the “Add” button and fill out the user’s details. Remember that the BPS ID field should be completed with the target user ID on WEBCON BPS Portal (usually an e-mail address).
Fig. 4. Adding a user in the administration panel of WEBCON BPS Portal
After creating the account, it will appear in the users list on the Portal and will be automatically defined as the external user’s account (Defined – External User).
Fig. 5. The list of BPS users with the external user
Artur Rohacz is also visible in the WEBCON BPS users list in Designer Studio.
Fig. 6. Users list in Designer Studio
After adding an external user, their account will be treated the same as Active Directory accounts (i.e., accounts of the organization’s employees). For example, it will be possible to give them tasks (Fig. 7) and assign them to BPS groups (Fig. 8).
Fig. 7. The task assigned to Artur Rohacz
Fig. 8. The user was added to the BPS_EXTERNAL group
Granting privileges to the application and process
To grant the user access to the application, you must add privileges in Designer Studio. On the application level, select the “User privileges” tab and add the user in the “Read-only” section.
Fig. 9. Granting privileges on the application level
Now, Artur Rohacz will have access to the “Purchase order” application and the instances (processes) in which they collaborated. This should be sufficient in the business case we present.
However, if you want to grant the user access to all process elements, you can do this on the process level. To do so, go to the “User privileges” tab and add the user in the “Access all workflow instances and attachments” section (or another field of the Access type).
Fig. 10. Granting privileges on the process level