Setting Visibility for Forms/Workflows

The  designer can specify the visibility of a form/workflow from either the Forms and Workflows Homepage or the Form/Workflow Properties wizard.

1. On the Forms and Workflows Home Page: Click the Action Menu on a form/workflow and select Set Permissions.
2. In the Form/Workflow Properties wizard:
   1. Click anywhere in the Access Control section of the Properties Navigator (quick-view) or
   2. Use the cog icon to open the Form/Workflow Properties Wizard and select the Access Control tab.
      

Clicking on the icons or in the Access Control section of the Properties Navigator display the same wizard which can be used to set the Visibility of your form/workflow.

When Who can start the form or Who can start the workflow is displayed in the Permission field, the designer can select one of the dropdown choices to specify form/workflow visibility. The default value for forms is Anyone (login not required) while workflows default to Authenticated Users (login required). The choices for form/workflow visibility are:

• Anyone (login not required) - anyone can use it even if they are not logged in.
• Authenticated Users (login required) - the form is usable to anyone who has an account (username/password) and is logged in to your tenant.
• Designers/Owner Only - the designer user who created the form/workflow (owner) can edit, test or use the form. They must be logged into .
• Custom - The owning designer always has access to the form/workflow. Additionally, the designer may configure selected users and/or roles (i.e. users with these roles) to have runtime access to the form. Use this option to auto-start workflows programmatically.
  

The designer can grant form/workflow access to explicit users/roles by selecting the Custom option. Roles and users can be selected via an editable combo-box control. As the user types,  will try to find any roles and users in the tenant that contain the typed string. Up to 5 matches are displayed below the combo box. Selecting a role/user from the dropdown inserts the selection into the list.

Click Submit or continue with the next option in the Access Control wizard. 

The Expense Report in the above images can be used by anyone in the tenant with the role of Employee, Manager or Accounting, the user id of the Reviewer and the user Sue. Notice the Reviewer role is encased between curly braces. This is an example of a control template. Templates are like variables in your form that will be evaluated at runtime and replaced with the actual values entered. For templates to work, there must be a control in your form with the name given inside the curly braces.

The user, Jack, who has the role of frevvo.Publisher, is not a Reviewer for anyone in the company and of course, is not Sue, will be denied access to the form. He will see this error:

You can publish any form/workflow regardless of whether it can be started by Anyone (No login required) or just the Designer/Owner. If Designer/Owner Only is selected, the person who created it or any user given the Who can edit the form/workflow permission can edit it or test it. It is possible for more than one designer to collaborate on forms/workflows in development if the form/workflow owner (the designer that created the form/workflow) gives this permission to other designers. However, if one designer is working on the form, other designers will be denied access. Form/workflow owners can also designate the Who can view submissions or Who can edit submissions permissions to other users so two or more people may view/edit submissions at the same time.

Similarly, if a form visibility is set to Authenticated Users(login required), only users with accounts in the tenant will be able to access the form.

If you set the form/workflow visibility to Anyone (login not required) and users have begun submitting it, you'll need to use caution when modifying your form. If users access it while you are editing it, they will see error messages indicating that the page is being refreshed or that the form is invalid.  A form/workflow made public this way is accessible to anyone with the form/workflow's URL. There are other methods of sharing forms that have increasingly higher levels of security. See form security for details.

You can mark your form/workflow Designers/Owner Only until you are done developing it, which will prevent new users from accessing the form, but if users happen to be completing the form when you switch it from Anyone (login not required) to Designers/Owner Only, they will see error messages. A better approach if feasible is to edit the form in a copy of your project running on a staging server. You can then replace the current form with the new form by removing the original project/form/workflow from the staging server and uploading the new project/form/workflow.

The designer can set other permissions, such as who can view/edit submissions for forms and workflows via the Access Control wizard. Roles and users that can view the audit trail or be designated as workflow administrators are specified through the same wizard.