Introducing Flow-Based Access Control in Kissflow

We are pleased to announce the latest addition to Kissflow - Flow-Based Access Control, designed to enhance integration and authentication processes within Kissflow.

What is Flow-Based Access Control (FBAC)?
With Flow-Based Access Control (FBAC), administrators can whitelist specific data flows, thereby eliminating the need for user authentication when configuring actions in integrations. 

Key Enhancements to Security Settings with Flow-Based Access Control

We have incorporated flow-based access control into security settings, resulting in a complete revamp of security settings across all Apps and the platform.

Permissions for Kissflow Artifacts: Admins can now manage permissions for the following artifacts from the security settings page:

• Lookup

• Integration

• Impersonation

Global Permissions: These general access rules apply to all flows within an account. Permissions are enabled by default for all artifacts except Integration and Impersonation, which can be managed through the Global Permissions section on the security settings page.

Customized Permissions: Flow admins can now set granular controls for individual flows, overriding global permissions when configured. This provides precise control over which flows and fields can be accessed.

Lookup Field Selection: Admins can expose only a specific set of fields to a particular flow, enhancing security and data control.

Apps Behavior: App admins can link apps together and specify which fields from the source flow are accessible to the destination app, improving integration and data sharing.

Integration Flexibility: Integrations with third-party triggers, such as DocuSign and Webhooks, can be incorporated as workflows under custom permissions, enhancing flexibility and functionality. 

Dependency Alerts on Removing Access: When a flow admin revokes permission, a dependency dialog with a warning is displayed to the administrator.

Here's an instance. Sarah, the HR admin at Stark Corporation, uses flow-based access control to securely integrate data from an external recruitment platform into their HR system for employee onboarding. She has customized permissions to only allow the HR team to access sensitive fields such as social security numbers and bank details. Lookup fields like job title and department are selectively exposed to other departments for necessary access.

Read more about this here. 

Your feedback is important to us. Please log in to like this post if you found these enhancements useful, and leave your feedback in the comments below.

We recommend you post your Kissflow support queries in the Get Help section. Rest assured, you'll receive immediate attention and assistance from our support team.