Administration > Workflows > Privileges for workflows
  

Privileges for workflows

Each workflow defines one or more specific user roles. The users that can participate in a workflow depend on the steps and the user roles that are defined in the workflow.
Before you design workflows and configure workflow events in Metadata Command Center, you must assign additional privileges to existing user roles to work with workflow tickets. You can either modify existing user roles with additional privileges or create a separate user role and assign the role to existing users. The predefined Governance Administrator Stakeholder role in Metadata Command Center includes features and privileges that you need to configure and manage workflows.
You need specific privileges to perform different tasks related to configuring workflows. These privileges are related to and dependent on each other.
In addition to specific privileges, you need to have at least one access policy that grants you permission to configure and manage workflows. The predefined Governance Administrator Stakeholder access policy grants you permission to configure and manage workflows.

Minimum privileges to design workflows in Metadata Command Center

To design workflows, ensure that your organization administrator grants the minimum required privileges and permissions to the user role.
The following table lists the minimum privileges and permissions needed to design workflows:
Service
Asset Privilege
Feature Privilege
Metadata Command Center
None
Workflow Designer

Minimum privileges to manage workflows and event configurations in Metadata Command Center

To manage workflows, ensure that your organization administrator grants the minimum required privileges and permissions to the user role.
The following table lists the minimum privileges and permissions needed to manage workflows and event configurations:
Service
Asset Privilege
Feature Privilege
Metadata Command Center
None
Manage Workflows

Minimum privileges to select and view workflows in Metadata Command Center

To ensure that a user role can select and view workflows while configuring workflow events in Metadata Command Center, assign the minimum required privileges to the role.
The following table lists the minimum privileges that must be configured in Administrator to select and view workflows while configuring workflow events:
Service
Asset Privilege
Feature Privilege
Metadata Command Center
None
  • - Access Metadata Command Center Application
  • - View Workflows
Required for existing Application Integration workflows.
Data Governance and Catalog
None
Participate in Change Approvals

Minimum privileges to create workflow tickets in Data Governance and Catalog

To create workflow tickets, ensure that your organization administrator grants the minimum required privileges and permissions to the user role.
The following table lists the minimum privileges and permissions needed to create workflow tickets:
Service
Privileges and Permissions
Administrator
Read privilege for User, Role, and Group configured in Administrator
Required for existing Application Integration workflows.
Application Integration
  • - Read privilege for Application Integration assets configured in Administrator
  • - Console Administration feature privilege configured in Administrator
Required for existing Application Integration workflows.
Metadata Command Center
  • - Existing Application Integration workflows require Read and Update permissions for the technical or business asset types configured through access policies in Metadata Command Center.
  • - New workflows require Read permission for the technical or business asset types configured through access policies in Metadata Command Center.
Data Governance and Catalog
  • - Access Data Governance And Catalog Application feature privilege configured in Administrator
Human Tasks
  • - Read privilege for Human Task Assets configured in Administrator
  • - View Tasks feature privilege configured in Administrator
Required for existing Application Integration workflows.

Minimum privileges required for stakeholders to work with workflow tickets

If you're a stakeholder and you want to work with workflow tickets, ensure that your organization administrator grants the minimum required privileges and permissions to your user role.
The following table lists the minimum privileges and permissions needed for stakeholders to work with workflow tickets:
Service
Privileges and Permissions
Administrator
Read privilege for User, Role, and Group configured in Administrator
Application Integration
  • - Read privilege for Application Integration assets configured in Administrator
  • - View Application Integration Console feature privilege configured in Administrator
  • - Monitoring feature privilege configured in Administrator
Required for existing Application Integration workflows.
Metadata Command Center
  • - Existing Application Integration workflows require Read and Update permissions for the technical or business asset types configured through access policies in Metadata Command Center.
  • - New workflows require Read permission for the technical or business asset types configured through access policies in Metadata Command Center.
  • - Delete permission for the technical or business asset types configured through access policies in Metadata Command Center.
    • Required to reject workflows for creating a new asset.
  • - Read and Update permissions on the Unpublished Changes attribute group for the technical or business asset types configured through access policies in Metadata Command Center.
    • Required to reject workflows for modifying an existing asset.
Data Governance and Catalog
  • - Access Data Governance And Catalog Application feature privilege configured in Administrator
  • - Participate in Change Approvals feature privilege configured in Administrator
  • - You must be a stakeholder on the asset.
Human Tasks
  • - Read privilege for Human Task Assets configured in Administrator
  • - View Tasks feature privilege configured in Administrator
Required for existing Application Integration workflows.

Minimum privileges for users to cancel open workflow tickets in Data Governance and Catalog

To cancel open workflow tickets without being a stakeholder on the asset, ensure that your organization administrator grants the minimum required privileges and permissions to your user role.
The following table lists the minimum privileges and permissions needed for users to cancel open workflow tickets:
Service
Privileges and Permissions
Administrator
Read privilege for User, Role, and Group configured in Administrator
Application Integration
  • - Read privilege for Application Integration assets configured in Administrator
  • - Console Administration feature privilege configured in Administrator
Required for existing Application Integration workflows.
Metadata Command Center
  • - Existing Application Integration workflows require Read and Update permissions for the technical or business asset types configured through access policies in Metadata Command Center.
  • - New workflows require Read permission for the technical or business asset types configured through access policies in Metadata Command Center.
Data Governance and Catalog
  • - Access Data Governance And Catalog Application feature privilege configured in Administrator
  • - Manage Tickets feature privilege configured in Administrator
    • Note: The Manage Tickets privilege is needed only if you are not a stakeholder of the asset.
Human Tasks
  • - Read privilege for Human Task Assets configured in Administrator
  • - View Tasks feature privilege configured in Administrator
Required for existing Application Integration workflows.