3

Security settings for flows

Introduction

Flow Admins can manage the sharing of their flow data with other flows within the Kissflow platform through the security settings page. This system provides a more robust, flexible, and granular approach to controlling access to processes, datasets, boards, and dataforms.

The security settings page allows you to manage permissions for the following Kissflow artifacts:

  1. Lookup

  2. Integration

  3. Impersonation

Accessing security settings

To manage the security settings for a specific flow, follow these steps:

  1. Navigate to the flow:

    • Go to the process, board, dataset, or dataform you want to manage.

  2. Open security settings:

    • Look for the Security settings option in the Settings page.

    • Click Security settings to open the security settings page. 

Global permissions

Global permissions are the overarching access rules that apply to all flows within your account. They serve as the default access settings for all the flows in your Kissflow account. By default, All flows permission is enabled for most artifacts except for integration and impersonation. 

Setting up global permissions

To manage global permissions for all flows within your account, navigate to the flow where you want to manage security settings and click on Security settings. On the security settings page, locate the Global Permissions section. For each artifact, such as Lookup or Integrations, you'll see a checkbox. Enable or disable the checkbox to set global permissions for that artifact. By default, permissions for All flows are turned ON for all artifacts except Integration and Impersonation. To adjust these permissions, simply check or uncheck the desired artifacts. For example, unchecking the Lookup artifact for All flows ensures that no flow in the platform can perform lookups on this flow.

Note:

Disabling an artifact here will restrict its use across all flows unless overridden by customized permissions.

Customized permissions

Customized permissions allow for fine-grained control over access at the individual flow level, overriding global permissions when configured. These settings can be set for specific flows, providing more detailed control over which artifacts and fields can be accessed.

Setting up customized permissions

Custom permissions allow flow admins to grant exclusive permissions for specific flows. These permissions can be configured to override global permissions. To set up custom permissions, go to the security settings page of the desired flow and select the specific permissions needed. You can choose to grant permissions for all fields or select specific fields for the Lookup artifact. When adding a new flow under custom permissions, the global settings are carried over and can be overridden. If custom permissions are removed, the global permissions will automatically apply.

Note:

If no customized permission is set for a flow, it follows the global permission settings.

Removing customized permissions

If you remove customized permissions for a specific flow, the flow will revert to using global permission settings. This change takes effect immediately. To remove customized permissions for a specific flow, click the Remove Customized Permission button on the right of the flow. Next, check if there are any lookup dependencies or other impacts from deleting this permission. Finally, click Remove to confirm and remove the customized permissions.

Lookup field selection

When configuring Lookup permissions, you have the option to select "All fields" to grant access to all fields in the lookup. Alternatively, you can choose "Select fields" to specify which fields are accessible. If you opt to select specific fields, a list of available fields will be displayed for you to choose from.

Integrations

Integrations with non-Kissflow triggers, such as DocuSign or Webhooks, can be added as flows under customized permissions. However, a flow's self-trigger and action do not require exclusive permissions to be defined in the security settings page. This allows for flexible integration setup while maintaining simplified permission management for core flow components.

Within apps

For applications within Kissflow:

  • App admins have the ability to link apps together.

  • When linking, admins can specify which fields from the source flow within an app are accessible to the destination app.