IBM BPM, V8.0.1, All platforms > Securing IBM BPM and applications > Set up security for the Business Space component and Process Portal
IBM BPM widget security considerations
Depending on the widgets you use in Process Portal for your product, you might assign either administrative user group roles to control access to data in a widget, or you might assign an additional layer of role-based access for your widget.
Administrative group roles and widgets
You control access to data in widgets with administrative group roles and the users who are assigned to the administrative group roles. To see who is assigned to these roles, open the administrative console, select Users and groups > Administrative group roles, and select a group. The Roles list is displayed.
Business Rules and Business Variables are two examples of widgets that might require changes to the administrative group roles.
For the System Health widget, the following administrative roles all have monitoring permissions, allow access to the administrative console and, therefore, allow users assigned to those roles to access data in the System Health widget:
- Monitor
- Configurator
- Operator
- Administrator
- Adminsecuritymanager
- Deployer
- iscadmins
Users who are mapped to those administrative group roles have access to the data in the System Health widget. Users who are not mapped to those roles cannot access the data in the System Health widget.
Widget role-based access
Some widgets have role-based access for their artifacts that business users created. In the Security Roles widget, you can assign users and groups to system roles or module roles that determine the level of access that members have for timetables in the Business Calendars widget. For more information about the Security Roles widget, see Security Roles widget in the IBM BPM documentation.
Set up security for the Business Space component and Process Portal