By default, an average user can view only instances of process definitions they have created or are permitted to view. However, they can also see process definitions and instances created by other users if consent is given. Depending on the “Permissions” assigned by the admin or the user who created the definition, the average user can “View,” “Design,” or “Remove” the process instance.

Admin users can limit average users' ability to view, design, and revoke access to process instances by selecting the “Permissions” menu item.

Search for and select the user(s) for whom permission needs to be set for the chosen definition. The user must type the first three characters of the definition name to start the search. 

Select the user from the list, then click the "Add" button. A confirmation message appears in the top-right corner. 

Similarly, permissions can be assigned to users based on specific application roles, as shown in the UI below. 

The admin user can grant permissions to the selected user for specific or all process instances by checking the 'View and Design' option and deselecting the relevant checkboxes. The user can access only the permissions they are granted. 

In the example above, the “Alpha-TestUser-1” can view and design all process instances for the “setWFStateDef" process definition. Users with the “FIPGroupA” application role can view, design, and remove all process instances for the “setWFStateDef” process definition.