Unify and manage your data

Adding a User Profile to Possible Assignees List

Learn how to add a user profile to the Possible Assignees list by adding roles and permissions to the user profile.

API endpoints have restricted access and you must have roles assigned which enables you to access the task endpoint (for example, ROLE_WORKFLOW). You must also have READ and UPDATE access to the workflow:data.tasks resource of the endpoint.

For a user profile to be available in the Possible Assignees List, the user profile must have at least one candidateGroups role and must have permissions to execute action on a Task. You can find and assign these privileges to the user profile with these steps:

  1. Assign candidateGroups role to the user profile.
    Do these steps:
    1. Get the Process Definition Content API response. For more information, see Get Process Definition Content .
    2. In the body of the response look for the userTask specification.
    3. The activiti:candidateGroups property in the userTask specification has the roles that you must assign to the user profile.
      For example:
      <userTask id="dcrInternalReview" name="Internal DS Review" activiti:candidateGroups="ROLE_REVIEWER,AX_HCM_ROLE_REVIEWER" activiti:dueDate="P7D">
    4. Assign at least one of these roles to the user profile. From the example: ROLE_REVIEWER and AX_HCM_ROLE_REVIEWER. For more information, see Managing Role Definitions.
  2. Assign permissions to the user profile.
    Do these steps:
    1. Get the Process Definition Content API response. For more information, see Get Process Definition Content .
    2. In the body of the response look for the accessTypes property and note the default value. There might be more than one accessTypes property in the response.
      For example:
      <activiti:formProperty id="accessTypes" name="AccessTypes" type="string" default="ACCEPT_CHANGE_REQUEST" writable="false"></activiti:formProperty>
    3. Using the Get Roles Against Object URIs API, get the roles having the default value permission on your tenant and assign them to the user profile. For more information, see Get Roles Against Object URIs.
After you have assigned the candidateGroups role and the permissions the user profile will become available in the Possible Assignees list.
For data change request permissions, see topic Permissions