Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Apply rights on process

Hi everyone,

I've created a process in LiveCycle, which is accessible from the workspace.

Is there a way to make this process accessible only for one group that I've created ?

To sum up, I want to filter the access to this process to this only group.



0 Replies


Level 4

Hi Again,

Thats possible check out the options in Admin UI.

Home > Services > Applications and Services > Service Management

Configure Your Process under Security Tab Use options 1- Require callers to authenticate and 2-Specify Run As

In Role Management Category assign Service Invoke to the Group that want to access this process.

Regards --



Hi again,

The problem is that I have other processes on the same server that needs to be accessible for all users. So all my LDAP sync users have the service invoke role.

Is there a way to assign a specific process only to a specific LC group ?




Level 4

Hey Thomas,

I think we cannot assign a specific process only to a specific LC group.

You can have a decision service in the begining of that process which identifies the user who invoked the process based on that you can execute the furthur steps or just exit.

Will this Help --


Not really, what I want is that only members of this group can view (and access) this process through the workbench.

So you think there is no way to do so ?


Level 4

May be no Thomas, lets wait for a correct answer !!


Level 3

You can do that by performing the follwoing:

Click on add principal and add that specific group which should have access to this particular process.

Hope that helps

Hi Vikas,

I already tried that, the thing is I have many options that I don't really understand here when selecting a group :

INVOKE_PERMAllows Invocation of all operations on the Service
MODIFY_CONFIG_PERMModify the configuration of the Service
SUPERVISOR_PERMView process instance data for the Service that has been created from a Process
START_STOP_PERMStart or Stop the Service.
ADD_REMOVE_ENDPOINTS_PERMAdd, remove and modify end points for the Service
CREATE_VERSION_PERMCreate a new version of the Service
DELETE_VERSION_PERMDelete a version of the Service
MODIFY_VERSION_PERMModify a version of the Service
READ_PERMRead or view the Service

What I understand from this is that those options add optional rights to this group.

That doesn't mean that other users who are not in this group won't be able to see this process, am I right ?

Hmm ...

Does that mean that I have to delete the role "Service Invoker" to all my users, and change the READ_PERM of all my other processes ?

Yep, that's it !

I need for all entities to set the role "Workspace User" but not the "invoke service role".

For all of my other processes, I assigned the role (add principal) "read_perm" to all entities.

For this single process, I assigned the role (add principal) "read_perm" to this group only.

That works !

Unfortunatly they can still see the category, but not the processes inside !