Permissions are used to control the access to URLs, for example the URL of the portal, of the BPaaS cockpit or the Designer, or the URLs of specific apps. Permissions are assigned to profiles. Depending on his allocated profiles, a user is authorized to open the portal, to work with process apps etc.

Menu "Permissions"

Menu Permissions allows you to create new permissions and to edit existing ones.

It contains the following menu options:

  • Permissions
  • Add Permission

In the Permissions menu, a list of all permissions is displayed in the content area.

This list contains the following information:

  • Name
  • Resource
  • Activated (Yes/No)

Select Add Permission to create a new permission.

An empty permission data sheet will open.

The Permission Data Sheet

The data of each permission is saved in a separate permission data sheet with the following sections:

  1. Master Data
  2. Permission
  3. Meta

Master Data

You can manage the basic data of a permission in the Master Data section.

Name is mandatory.

Permission active

The checkbox indicates whether the permission is activated or not. If you create a new permission, default is active.

Name

It is mandatory to insert the identifier for a new permission in the Name field.

Permission

A permission grants access to a defined sector of the platform.

In the Permission section, you will have to insert the resource of that sector.

You can choose additional resources by using the drop down list Possible Resource Information.

Available options are:

  • Path
  • Path with Variable

Meta

The Meta section contains a list of the permission's meta data such as:

  • UUID: The UUID allows to identify the permission.
  • Created at: Contains the creation date of the permission.
  • Modified at: Contains the date of the permissions' last modification.
  • Modified by Contains another UUID which allows to identify the last editor of the permission.

Standard Permissions

Each Scheer PAS platform is delivered with the standard permissions required for the use of the Scheer PAS components. The following table summarizes the standard permissions.

The table can be searched. To do this, enter your search phrase in the search field:

Permission NameDescription
activity-service Access to the activities
app_adminComponent user management (UI): Access using URL admin
app_fileFile storage without profile check
app_storageFile storage with profile check
app_user_adminComponent user management (UI): Access using URL user-admin
For backward compatibility only - default is app_admin
app-userselfUser self service (UI)
bpaas_editorComponent BPaaS: Access to modeling (UI)
bpaas_executionExecution engine for BPaaS apps
bpaas-cockpitComponent BPaaS cockpit (UI): Access using URL bpaas-cockpit
For backward compatibility only - default is cockpit
bpaas-forms-connector-serviceComponent BPaaS: Integration of Scheer PAS Mobile (Backend)
cockpitComponent BPaaS cockpit (UI): Access using URL cockpit
customer_serviceAccess to integration (xUML) services and UIs
designer-serviceComponent BPaaS: Editor for mobile forms (Backend)
form-designer-appComponent BPaaS: Editor for mobile forms (UI)

ldap-auth-service

Access to LDAP service
management_consoleAccess to component Administration (UI)
model_editorAccess to component Business Modeler (UI)
model_editor_serviceAccess to component Business Modeler (Backend)
pas_designerAccess to component Designer (UI)
pas_designer_serviceAccess to component Designer (Backend)
portal_administrationAccess to the tile "Administration" in the Portal
portal_api_managementAccess to the tile "API Management" in the Portal
portal_base_permission
Access to the Portal
portal_cockpitAccess to the tile "BPaaS" in the Portal
portal_cron_managerAccess to the tile "Cron Manager" in the Portal
portal_designerAccess to the tile "Designer" in the Portal
portal_dev_portalAccess to the tile "API Developer Portal" in the Portal

portal_file_manager

Access to the tile "File Manager" in the Portal and to the UI of component File Manager
portal_home_permissionAccess to the homepage of the Portal
portal_integrationAccess to the tile "Integration" in the Portal
portal_keycloakAccess to the tile "Keycloak" in the Portal
portal_kibanaAccess to the tile "Kibana" in the Portal
portal_model_editorAccess to the tile "Business Modeler" in the Portal
portal_process_analyticsAccess to the tile "Process Mining" in the Portal
portal_process_monitorAccess to the tile "Process Monitor" in the Portal
portal_user_managementAccess to the tile "User Management" in the Portal
portal_xuml_monitorAccess to the tile "xUML Service Monitor" in the Portal
process_monitorAccess to component Process Monitor (UI)
sap-restifierAccess to SAP Restifier
service_analytics_api Component Process Mining (Backend): Reading the analytics database
service_analytics_collectorComponent Process Mining (Backend): Collecting data from services

service_analytics_etl

Component Process Mining (Backend):  Importing data to the analytics database
service_bpaas_backendComponent BPaaS: Modeling (Backend)
service_bpaas_cockpitComponent BPaaS: Cockpit (Backend)
service_bpaas_robot_connector Deprecated as of PAS 21.2 Component BPaaS: Integration of RPA (Backend) 
service_bpaas_robot_connector_continue_instance Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Continuing an instance
service_bpaas_robot_connector_get_current_user_job_queue_itemsDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Showing robot processes by user 
service_bpaas_robot_connector_get_environments Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Reading the robot environment
service_bpaas_robot_connector_get_instance Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading an instance 
service_bpaas_robot_connector_get_instance_from_queueDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Listing all queued instances 
service_bpaas_robot_connector_get_jobs_statsDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Getting list of robot jobs 
service_bpaas_robot_connector_get_process_informationDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Listing robot process information 

service_bpaas_robot_connector_get_process_parameter

Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Analyzing the UIPath process 

service_bpaas_robot_connector_get_processes_by_environmentDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading robot processes by environment 
service_bpaas_robot_connector_get_robot_history Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading robot history 
service_bpaas_robot_connector_get_robot_logs Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading robot logs
service_bpaas_robot_connector_get_robot_processes Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading robot processes
service_bpaas_robot_connector_get_robots Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Loading robots
service_bpaas_robot_connector_get_sessionsDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Listing robot session information from the orchestrator
service_bpaas_robot_connector_get_sessions_statsDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Getting the total number of robots aggregated by robot state 
service_bpaas_robot_connector_has_access_on_profileDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Checking robot authorization for profiles
service_bpaas_robot_connector_save_instance Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Saving an instance
service_bpaas_robot_connector_set_error_status Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Setting the error status of a robot
service_bpaas_robot_connector_set_status Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Setting the status of a robot
service_bpaas_robot_connector_start_instanceDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Starting an instance
service_bpaas_robot_connector_start_robot Deprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Starting a robot
service_bpaas_robot_connector_start_robot_without_instanceDeprecated as of PAS 21.2 Component BPaaS/RPA (Backend): Starting a robot without requiring a PAS instance
service_cronComponent Cron Manager: Time-controlled event execution (Backend)
service_cron-service_availableServices

Component Cron Manager: Allows access to availableServices event of the service repository

service_cron-service_controlJobComponent Cron Manager: Allows access to controlJob event of cron-service
service_cron-service_getJobsComponent Cron Manager: Allows access to getJobs event of cron-service
service_cron-service_registerJobComponent Cron Manager: Allows access to registerJob event of cron-service
service_cron-service_unregisterJobComponent Cron Manager: Allows access to unregisterJob event of cron-service
service_mailEmail dispatch (Backend)
service_messaging-serviceAccess to messaging service
service_persistence Database access (Backend)
service_service-repository__xuml_deploy_serviceAccess for deploying an xUML service running as container
service_service-repository__xuml_endpointsAccess for fetching registered endpoints from an xUML service running as container
service_service-repository__xuml_get_configAccess for fetching configuration for a deployed xUML service
service_service-repository__xuml_remove_serviceAccess for removing an xUML service running as container
service_service-repository__xuml_restart_serviceAccess for restarting an xUML service running as container
service_service-repository__xuml_start_serviceAccess for starting an xUML service running as container
service_service-repository__xuml_status_serviceAccess for fetching running state for an xUML service running as container
service_service-repository__xuml_stop_serviceAccess for stopping an xUML service running as container
service_service-repository_available_servicesAccess to availableServices API from service repository
service_service-repository_change_service_configAccess to changeServiceConfig API from service repository
service_service-repository_control_serviceAccess to controlService API from service repository
service_service-repository_get_configAccess to getConfig API from service repository
service_service-repository_get_serviceAccess to getService API from service repository
service_service-repository__docker_get_imagesAccess for fetching all stored images in your private docker registry 
service_service-repository__docker_build_imageAccess for building a docker image (like xuml images) 
service_service-repository__docker_deploy_containerAccess for deploying arbitrary containers previously build and stored in local docker registry
service_service-repository_get_servicesAccess to getServices API from service repository
service_service-repository_get_validation_patternsAccess to getValidationPatterns API from service repository

service_service-repository_get_version

Access to getVersion API from service repository
service_service-repository_update_log_levelAccess to updateLogLevel API from service repository
service_user_*

The access to the user administration is separated in multiple single permissions.
For further information how to use these, please contact the Scheer PAS Support team.

service-reportingMS Office data export (Backend)
service-userselfUser self service (Backend)
transaction_loggerComponent Process Mining: Saving the transaction log
xuml_access_formsAccess granting UI access for all xUML services running as container
xuml_library_repositoryAccess to xUML library repository

xuml_library_repository_service

Access to xUML library repository service
xuml_monitor

Access to xUML Service Monitor