Configuring security for case management solutions

Draft comment:
This topic only applies to BAW, and is located in the BAW repository. Last updated on 2025-03-13 12:15
In both the development and the production environments, you configure security on the case management objects that are controlled by Content Platform Engine. You must also configure security on Content Platform Engine process services queues, rosters, and application spaces. For Case Client, you configure view and edit access to pages.

About this task

You can assign permissions to different users, groups, and roles to determine the areas and objects of a solution in a Content Cortex object store that these users can access. A set of permissions is called a security configuration.

Proper application of security can ensure that cases and case documents are visible and editable only by the appropriate users and groups. In the context of case management solutions, security involves several different types of objects:
  • Case types
  • Case folders and subfolders
  • Documents
  • Activities
  • Queues
  • Rosters
  • Comments
  • Application spaces

The Case administration client provides a wizard that can help you to create, modify, delete, and apply a basic security configuration for your solution. If your solution requires more complex permissions than the defaults that are provided by the wizard, you can also customize the permissions in the wizard.

Some environments have specific or rigorous security requirements. If the security requirements for your environment cannot be met by customizing the security wizard, you can also use the Content Cortex security tools to set permissions manually on individual case objects.

Security for running work items that are associated with task objects in the target object store are configured with service groups along with security on queues and rosters. For more information related to IBM®® Business Automation Workflow security roles and groups, see Security roles and groups.