| The capabilities described on this page are included in Appian's advanced and premium capability tiers. Usage limits may apply. |
Case Management Studio apps use a combination of groups and object security to assign permission levels to users, which can only be configured in Designer.
This page is meant for low-code developers to learn about configuring security for Case Management Studio apps.
As with most Appian objects and apps, use groups to set security for objects in your case management apps. Using groups to set security for your objects allows you to control object access by changing a user's group membership, rather than directly editing the object's role map.
The Case Management Studio base app comes with a number of special, out-of-the-box groups. All groups are preceded by an acronym for the specific application.
| Group Name | Description |
|---|---|
| All Users | All users who use the application in both Workspace and Studio, including internal users and members of the Design Administrators group. |
| Design Administrators | Members of this group have administrator permission to all objects and groups in the app. |
| Application Users | All users who use the app in Workspace and Studio. This does not include members of the Design Administrators group. |
| Service Accounts | Holds all service account users for the app. |
| Internal Users | All users who would be considered employees or workers that should have access to all cases, such as members of the Case Workers and Case Managers groups. |
| Case Workers | All users who have a case worker role. |
| Case Managers | All users who have a case manager role. |
| Business Groups | A parent group to hold all of the organization specific groups that you create to fit your business's security needs, such as groups for specific departments or teams. |
Use the diagram below to better understand the hierarchy of the Case Management Studio groups.
There is an additional out-of-the-box system group for Case Management Studio, Studio Editors, but is not contained in any application. This group is specific to those that can edit objects in Studio and should not be used for object security.
You can easily manage which users are in each of the special Case Management Studio groups the same way you can manage any groups in Designer. To learn more about managing groups and membership, see Group Management.
Setting security for objects generated by Studio, such as interfaces and record types, is the same as setting security for these objects in any other Appian application. Simply edit the object's role map to assign the Case Management Studio groups the appropriate permision to the object.
By default, all generated record types and interfaces use the following rolemap:
For any record type generated by Studio, you can set record level security in addition to record type object security. Record level security allows you to set more granular permission levels to specify which users can see which specific records. Within the context of Case Management Studio, this translates to which cases, case types, and case categories that users have access to.
To determine who can see individual cases, set record level security on case record types. By default, users associated with the case and members of the Internal Users and Service Accounts groups can view and edit cases.
To determine who can see a given case type when creating a new case from workspace, set record level security on the case type record type.
To edit custom case types and case categories in Studio, you must be included in the record type's rolemap.
Configuring Security for Case Management Studio
