Access Scopes¶

Use access scopes when a task must be completed by an external or anonymous participant and you need to control exactly which features that participant can use.

Access scopes are defined in the process definition. External participants already run with limited capabilities, and the scope tightens those capabilities further. The expiration period determines how long generated participant-access tokens remain valid.

Features¶

Access tokens control which features are available to a participant. For security, enable only necessary features. The following features are configurable:

Read Organization¶

Allows listing or reading organization data. Required for the IdentityPicker widget; disabling this renders the widget read-only.

Download Files¶

Allows downloading files from Emakin's file storage. Disabling this renders file controls read-only.

Upload File¶

Allows uploading files to Emakin's file storage. Disabling this renders file controls read-only.

Readonly Database Access¶

Enables read-only database queries. Disabling this renders database-dependent controls (e.g., DropDown) read-only, preventing data population.

Execute Modules¶

Allows calling scripting modules. Disabling this prevents module execution.

Network Access¶

Enables the use of the $Rest object. Disabling this prohibits network operations.

Document Editor¶

Enables the document editor. Disabling this disables the editor; files are downloaded to the browser instead (depending on the Download Files setting).

Related Pages¶

• Roles
• Tasks
• Assign Task to an External Participant
• Scripting Reference