Restricting access to a flow

Based on your business requirements and authorization strategies, you can configure how users access your apps. You may want everybody to be able to run the app, or authenticated users only. You can also selectively provide permissions to different parts of the app to different groups of users.

When you are creating a flow, you have three options under the Access menu:

  1. Anyone can run this flow – Select this option to build apps that are public. Anyone with the app URL can run a public app. For example, here is a link to a public app. You can run the app yourself, or share the link with others.
  2. Any user that can login with the selected identity service can run this flow – If you select this option, users need to authenticate themselves before they can run the app. You can select the ManyWho Identity Service for authentication, or third-party service integrations like Salesforce.
  3. Create restrictions for specific users and groups of users – You can select this option to restrict access to specific users or groups for the entire flow. Anyone else, even if they can authenticate correctly with the service, will be rejected.
Note: You can also use a swimlane, by selecting the Swimlane element in the canvas to build an app that passes control between users with different privileges.  For example, there may be an ’employee’ swimlane and a ‘manager’ swimlane for an app that approves expenses submissions.