Security settings for flows
Introduction
Flow Admins can manage the sharing of their flow data with other flows within the Kissflow platform through the security settings page. This system provides a more robust, flexible, and granular approach to controlling access to processes, datasets, boards, and dataforms.
The security settings page allows you to manage permissions for the following Kissflow artifacts:
Lookup
Integration
Impersonation
Accessing security settings
To manage the security settings for a specific flow, follow these steps:
Go to the process, board, dataset, or dataform you want to manage.
Click the Manage button > Security
Global permissions
Global permissions are the overarching access rules that apply to all flows within your account. They serve as the default access settings for all the flows in your Kissflow account. By default, All flows permission is enabled for most artifacts except for integration and impersonation.
Setting up global permissions
On the Security page, locate the Global permissions section. For each artifact, such as Lookup or Integrations, you'll see a checkbox. Enable or disable the checkbox to set global permissions for that artifact. By default, permissions for All flows are turned ON for all artifacts except Integration and Impersonation. To adjust these permissions, simply check or uncheck the desired artifacts. For example, unchecking the Lookup artifact for All flows ensures that no flow in the platform can perform lookups on this flow.
Note:
Disabling an artifact here will restrict its use across all flows unless overridden by customized permissions.
Customized permissions
Customized permissions allow for fine-grained control over access at the individual flow level, overriding global permissions when configured. These settings can be set for specific flows, providing more detailed control over which artifacts and fields can be accessed.
Setting up customized permissions
Custom permissions allow flow admins to grant exclusive permissions for specific flows. These permissions can be configured to override global permissions. To set up custom permissions, go to the security settings page of the desired flow and select the specific permissions needed. You can choose to grant permissions for all fields or select specific fields for the Lookup artifact. When adding a new flow under custom permissions, the global settings are carried over and can be overridden. If custom permissions are removed, the global permissions will automatically apply.
Note:
If no customized permission is set for a flow, it follows the global permission settings.
Removing customized permissions
If you remove customized permissions for a specific flow, the flow will revert to using global permission settings. This change takes effect immediately. To remove customized permissions for a specific flow, click the Remove customized permission button on the right of the flow. Next, check if there are any lookup dependencies or other impacts from deleting this permission. Finally, click Remove to confirm and remove the customized permissions.
Lookup field selection
When configuring Lookup permissions, you have the option to select All fields to grant access to all fields in the lookup. Alternatively, you can choose Select fields to specify which fields are accessible. If you opt to select specific fields, a list of available fields will be displayed for you to choose from.
Integrations
Integrations with non-Kissflow triggers, such as DocuSign or Webhooks, can be added as flows under customized permissions. However, a flow's self-trigger and action do not require exclusive permissions to be defined in the security settings page. This allows for flexible integration setup while maintaining simplified permission management for core flow components.
Within apps
For applications within Kissflow:
App admins have the ability to link apps together.
When linking, admins can specify which fields from the source flow within an app are accessible to the destination app.