The Workflow is executed when it has been added to a Permission Set granted directly or indirectly to the current user.
There is ADMIN level Permission Set FND_BPA_ADMIN to grant permissions to execute all Workflows. If user has grants for this Permission Set directly or indirectly then that user can excecute all the workflows.
For Users that do not have grants for FND_BPA_ADMIN Permission Set, permissions to execute specific workflows can be granted from the Workflows page for each Permission Set.
Currently there are following projections representing a group of BPA functionality, and User needs to be granted permissions to these projections to access Workflow Designer page and perform Save/Deploy to server from Workflow Designer page.
- CamundaRestInterface - this projection is used to respresent the ability to widely access the Camunda Rest APIs. This is intended for integrations and administrators.
- BpaModelerHandling - this projection is used to access the Workflow Designer page. Access to this projection should be granted for intended BPA authors.
- BpaService - this projection is used to represent ability to persist/store BPAs to the server.
On the Workflows Page for Permission Sets view, add, or revoke the Workflow IDs for each Permission Set.
Figure 1 - Workflow grants per Permission Set
The list of Granted Workflows contains all Workflows granted to the Permission Set.
New Workflow(s) are granted to the Permission Set using the Add command. Workflows can be found using the Search assistant.
Selected Workflow(s) are revoked from the Permission Set using the Revoke command.
All deployed Workflows are added to the Permission Set using the Add All command.
All granted Workflows are revoked from the Permission Set using the Revoke All command.