Page tree
Skip to end of metadata
Go to start of metadata

Permissions are used to control the access to URLs, for example the URL of the portal, of the BPaaS cockpit or the Designer, or the URLs of specific apps. Permissions are assigned to profiles. Depending on his allocated profiles, a user is authorized to open the portal, to work with process apps etc.

The authorization check of the user management is based on Role-based Access Control (RBAC).

Menu "Permissions"

Menu Permissions allows you to create new permissions and to edit existing ones.

It contains the following menu options:

  • Permissions
  • Add Permission

In the Permissions menu, a list of all permissions is displayed in the content area.

Use the filter to limit the content of the list.

This list contains the following information:

  • Name
  • Resource
  • Activated (Yes/No)

Select Add Permission to create a new permission.

An empty permission data sheet will open.

The Permission Data Sheet

The data of each permission is saved in a separate permission data sheet with the following sections:

  1. Master Data
  2. Permission
  3. Meta

Master Data

You can manage the basic data of a permission in the Master Data section.

Name is mandatory.

Permission active

The checkbox indicates whether the permission is activated or not. If you create a new permission, default is active.


It is mandatory to insert the identifier for a new permission in the Name field.


A permission grants access to a defined sector of the platform.

In the Permission section, you will have to insert the resource of that sector.

Do not change or create permissions without any knowledge of JSON.

You can choose additional resources by using the drop down list Possible Resource Information.

Available options are:

  • Path
  • Path with Variable


The Meta section contains a list of the permission's meta data such as:

  • UUID: The UUID allows to identify the permission.
  • Created at: Contains the creation date of the permission.
  • Modified at: Contains the date of the permissions' last modification.
  • Modified by Contains another UUID which allows to identify the last editor of the permission.

The content of section Meta is for documentation purposes only: meta data cannot be changed.

Standard Permissions

Each Scheer PAS platform is delivered with the standard permissions required for the use of the Scheer PAS components. The following table summarizes the standard permissions.

The table can be searched. To do this, enter your search phrase in the search field:

Oops, it seems that you need to place a table or a macro generating a table within the Table Filter macro.

The table is being loaded. Please wait for a bit ...

Permission NameDescription
activity-service Access to the activities
app_adminComponent user management (UI): Access using URL admin
app_fileFile storage without profile check
app_storageFile storage with profile check
app_user_adminComponent user management (UI): Access using URL user-admin
For backward compatibility only - default is app_admin
app-userselfUser self service (UI)
bpaas_editorComponent BPaaS: Access to modeling (UI)
bpaas_executionExecution engine for BPaaS apps
bpaas-cockpitComponent BPaaS cockpit (UI): Access using URL bpaas-cockpit
For backward compatibility only - default is cockpit
bpaas-forms-connector-serviceComponent BPaaS: Integration of Scheer PAS Mobile (Backend)
cockpitComponent BPaaS cockpit (UI): Access using URL cockpit
customer_serviceAccess to integration (xUML) services and UIs
designer-serviceComponent BPaaS: Editor for mobile forms (Backend)
form-designer-appComponent BPaaS: Editor for mobile forms (UI)


Access to LDAP service
management_consoleAccess to component Administration (UI)
model_editorAccess to component Business Modeler (UI)
model_editor_serviceAccess to component Business Modeler (Backend)
pas_designerAccess to component Designer (UI)
pas_designer_serviceAccess to component Designer (Backend)
portal_administrationAccess to the tile "Administration" in the Portal
portal_api_managementAccess to the tile "API Management" in the Portal
Access to the Portal
portal_cockpitAccess to the tile "BPaaS" in the Portal
portal_cron_managerAccess to the tile "Cron Manager" in the Portal
portal_designerAccess to the tile "Designer" in the Portal
portal_dev_portalAccess to the tile "API Developer Portal" in the Portal


Access to the tile "File Manager" in the Portal and to the UI of component File Manager
portal_home_permissionAccess to the homepage of the Portal
portal_integrationAccess to the tile "Integration" in the Portal
portal_keycloakAccess to the tile "Keycloak" in the Portal
portal_kibanaAccess to the tile "Kibana" in the Portal
portal_model_editorAccess to the tile "Business Modeler" in the Portal
portal_process_analyticsAccess to the tile "Process Mining" in the Portal
portal_process_monitorAccess to the tile "Process Monitor" in the Portal
portal_user_managementAccess to the tile "User Management" in the Portal
portal_xuml_monitorAccess to the tile "xUML Service Monitor" in the Portal
process_monitorAccess to component Process Monitor (UI)
sap-restifierAccess to SAP Restifier
service_analytics_api Component Process Mining (Backend): Reading the analytics database
service_analytics_collectorComponent Process Mining (Backend): Collecting data from services


Component Process Mining (Backend):  Importing data to the analytics database
service_bpaas_backendComponent BPaaS: Modeling (Backend)
service_bpaas_cockpitComponent BPaaS: Cockpit (Backend)
service_bpaas_robot_connector Component BPaaS: Integration of RPA (Backend)
service_bpaas_robot_connector_continue_instance Component BPaaS/RPA (Backend): Continuing an instance
service_bpaas_robot_connector_get_current_user_job_queue_itemsComponent BPaaS/RPA (Backend): Showing robot processes by user
service_bpaas_robot_connector_get_environments Component BPaaS/RPA (Backend): Reading the robot environments
service_bpaas_robot_connector_get_instance Component BPaaS/RPA (Backend): Loading an instance
service_bpaas_robot_connector_get_instance_from_queueComponent BPaaS/RPA (Backend): Listing all queued instances
service_bpaas_robot_connector_get_jobs_statsComponent BPaaS/RPA (Backend): Getting list of robot jobs
service_bpaas_robot_connector_get_process_informationComponent BPaaS/RPA (Backend): Listing robot process information


Component BPaaS/RPA (Backend): Analyzing the UIPath process
service_bpaas_robot_connector_get_processes_by_environmentComponent BPaaS/RPA (Backend): Loading robot processes by environment
service_bpaas_robot_connector_get_robot_history Component BPaaS/RPA (Backend): Loading robot history
service_bpaas_robot_connector_get_robot_logs Component BPaaS/RPA (Backend): Loading robot logs
service_bpaas_robot_connector_get_robot_processes Component BPaaS/RPA (Backend): Loading robot processes
service_bpaas_robot_connector_get_robots Component BPaaS/RPA (Backend): Loading robots
service_bpaas_robot_connector_get_sessionsComponent BPaaS/RPA (Backend): Listing robot session information from the orchestrator
service_bpaas_robot_connector_get_sessions_statsComponent BPaaS/RPA (Backend): Getting the total number of robots aggregated by robot state
service_bpaas_robot_connector_has_access_on_profileComponent BPaaS/RPA (Backend): Checking robot authorization for profiles
service_bpaas_robot_connector_save_instance Component BPaaS/RPA (Backend): Saving an instance
service_bpaas_robot_connector_set_error_status Component BPaaS/RPA (Backend): Setting the error status of a robot
service_bpaas_robot_connector_set_status Component BPaaS/RPA (Backend): Setting the status of a robot
service_bpaas_robot_connector_start_instanceComponent BPaaS/RPA (Backend): Starting an instance
service_bpaas_robot_connector_start_robot Component BPaaS/RPA (Backend): Starting a robot
service_bpaas_robot_connector_start_robot_without_instanceComponent BPaaS/RPA (Backend): Starting a robot without requiring a PAS instance
service_cronComponent Cron Manager: Time-controlled event execution (Backend)

Component Cron Manager: Allows access to availableServices event of the service repository

service_cron-service_controlJobComponent Cron Manager: Allows access to controlJob event of cron-service
service_cron-service_getJobsComponent Cron Manager: Allows access to getJobs event of cron-service
service_cron-service_registerJobComponent Cron Manager: Allows access to registerJob event of cron-service
service_cron-service_unregisterJobComponent Cron Manager: Allows access to unregisterJob event of cron-service
service_mailEmail dispatch (Backend)
service_messaging-serviceAccess to messaging service
service_persistence Database access (Backend)
service_service-repository_available_servicesAccess to availableServices API from service repository
service_service-repository_change_service_configAccess to changeServiceConfig API from service repository
service_service-repository_control_serviceAccess to controlService API from service repository
service_service-repository_get_configAccess to getConfig API from service repository
service_service-repository_get_serviceAccess to getService API from service repository
service_service-repository_get_servicesAccess to getServices API from service repository
service_service-repository_get_validation_patternsAccess to getValidationPatterns API from service repository


Access to getVersion API from service repository
service_service-repository_update_log_levelAccess to updateLogLevel API from service repository

The access to the user administration is separated in multiple single permissions.
For further information how to use these, please contact the Scheer PAS Support team.

service-reportingMS Office data export (Backend)
service-userselfUser self service (Backend)
transaction_loggerComponent Process Mining: Saving the transaction log
xuml_library_repositoryAccess to xUML library repository


Access to xUML library repository service

Access to xUML Service Monitor

  • No labels