Access Scopes¶

Access scopes define the features and security constraints for anonymous users (participants) within a process. These scopes are defined in the process definition file. While external participants have inherently limited access, access scopes allow for further refinement. The expiration period determines the validity duration of generated access tokens.

Features¶

Access tokens control which features are available to a participant. For security, enable only necessary features. The following features are configurable:

Read Organization¶

Allows listing or reading organization data. Required for the IdentityPicker widget; disabling this renders the widget read-only.

Download Files¶

Allows downloading files from Emakin's file storage. Disabling this renders file controls read-only.

Upload File¶

Allows uploading files to Emakin's file storage. Disabling this renders file controls read-only.

Readonly Database Access¶

Enables read-only database queries. Disabling this renders database-dependent controls (e.g., DropDown) read-only, preventing data population.

Execute Modules¶

Allows calling scripting modules. Disabling this prevents module execution.

Network Access¶

Enables the use of the $Rest object. Disabling this prohibits network operations.

Document Editor¶

Enables the document editor. Disabling this disables the editor; files are downloaded to the browser instead (depending on the Download Files setting).