Form Definition Permissions

Learn about the Form Definition permissions.

Last published at: April 14th, 2026

User Level / Application Role Level:

As an Admin user, you can grant “View, Design, and Remove” permissions on Form Definitions (private) to a user and an application role, which are independent of each other. If a user is associated with an application role, the permissions granted may be the same as or more extensive than those granted to the role. Only the higher-permission of the two is valid for changing the definition. 

 

Render Public Forms v/s Private Forms:

Public forms are rendered without view permissions. Private form instances are rendered to a user or application role with appropriate access, or access is denied. The form instance task assigned to the current user is rendered with inherent view permissions.    

 

Manage Permissions:

Navigate to the Create > Form Definitions page. Select the form definition from the list, then click the Security > Permissions menu option. 

 

On the Manage Permissions page, grant permissions to the user and/or the application role(s), provided that both have been defined previously. 

 

Grant permissions to the Form Attachments associated with the Form Definition. Select the appropriate security permission from the drop-down list, then click the Save Permission button. This confirms that the file attachments are available for download only to the users involved. 

 

Type in the first three characters to search for a user or application role. 

Select the user from the list and click the "Add" button. Use the checkboxes to “grant or revoke” the permissions.

  • The “View” permission, when checked, grants the user the ability to render the Process Definition. 
  • The “Design” permission, when checked, grants the user the ability to modify the Process Definition. 
  • The “Remove” permission, when checked, grants the user the ability to remove the Process Definition. 
  • The “Instance” permission, when checked, grants the user the ability to view Process Instances associated with this Process Definition, regardless of who created them. 

Click the “Save Permissions” button to confirm the access. A confirmation message appears in the top-right corner, as shown below.  

 

To view a user's System and Application roles, go to the Administration > User Management page. Select the user from the list, then click View > Roles.  

 

This page manages the User roles as “System Roles and Application Roles”. Select the necessary checkboxes to align the responsibilities. 

 

Click the "Apply" button to confirm the changes. The user can view and design the form definition with extended permissions granted by the application role.  

 

Lock and unlock the Form Definitions:

By default, an average user can view only the Form Definitions they have created or have permission to view. They can also view form definitions developed by other users, provided those users permit it. Based on the “Permissions” assigned by the admin or the user who created the definition, the average user can “View,” “Design,” or “Remove” the form definition.

The definition is locked to the user who creates or modifies the form. There is no support for collaborative form building, and the definition is unlocked only after the changes are saved and the Form is closed. 

Another user with “View, Design, or Remove” permissions can unlock the definition, then lock it to prevent further modification. The first user can no longer save changes now that the definition is no longer locked to themselves. The application shall alert the first user of the lock status and the username of the user making the changes. This safety check prevents the contents from being overwritten by concurrent usage.