Restrict access for user groups to certain process steps


Is there a way to restrict certain process steps for certain user groups? I see the candidate groups in the modeler, but I understood that those are not restrictions and any other user can see those steps / tasks to themselves any way.

Thanks and kind regards,

Hello @Deniss_Makarenkov

When you set candidate group for a specific task then by default UPDATE permission is granted for that task to all users who are members of that candidate group.

See below link for more details

You can use the filters concept to restrict the display of specific tasks to the assigned candidate group (see filter name “Tasks of a specific group” in below link)

1 Like

Hello! First time posting on the forum. Found this old thread, thought I’d ask on here instead of creating a new thread to benefit others than may come along after me.

So I’m using Camunda BPM Run and I’m trying to set the configuration property defaultUserPermissionNameForTask to TASK_WORK via the default.yml configuration file.

It seems the app detects the property just fine (it complains when I add in some other string like “Task Work”). But it seems to have no effect (i.e. I expect a user who doesn’t belong to the user task’s candidate groups or candidate users, to not be able to see it on their Tasklist app - but they do anyway).

Am I missing something?

Hi @saifulss,

have you enabled the authorization at all:

Hope this helps, Ingo