Access control in business process and human task applications
Business Process Choreographer, which is installed as part of the IBM® Business Process Manager installation, uses roles to determine the capabilities of the user on a production system.
The Business Process Choreographer roles are
shown in Table 1.
| Roles | Default permission | Notes |
|---|---|---|
| System Administrator | User names, group names, or both, entered during configuration | Has access to all business processes and all operations. |
| System Monitor | All authenticated users | Has access to read operations. |
| JMSAPIUser | User name entered during configuration | All Business Process Choreographer JMS APIs are run on behalf of this single user ID. |
| EscalationUser | User name entered during configuration | Used by the human task manager to process asynchronous API calls. |
| AdminJobUser | User name entered during configuration Note: The
user supplied must be a member of the Business Process Choreographer
System Administrator role.
|
Administrative jobs (for example, the cleanup service or business process instance migration) are run on behalf of this single user ID. |
Note: The WebClientUser role, which is associated with
the Bpcexlorer.ear file, can access the Business Process Choreographer
Explorer. The default permission for this role is All Authenticated.