Hi,
Central and Local. The Local vCO holds all the workflows. The central vCO runs the multi node plugin and adds a proxy workflow for all the required workflows from the Local vCO.
I also have a custom portal which will talk to Central vCO using Rest APIs and will invoke the proxy workflows. The custom portal will authenticate against the vCO for using Rest APIs and I don't want that authentication user to be a part of vCO admins group. My questions are as below -
1) Can I have a user which has restricted permissions on the workflows (view and execute) which the custom portal should execute ? If so, are view and execute permissions sufficient ?
2) On the Central vCO, while adding the local vCO server using "Add a vCO Server" workflow, can I use a shared session and this user will be a part of vCO admins group ?
3) Also do I need to set these permissions on the proxy workflow on the Central vCO or on the actual workflow in the local vCO ? So basically -
Custom Portal -> Central vCO (Restricted user with view and execute permissions on the proxy workflow)
Central vCO -> Local vCO (add vCO server using shared session and this user will have full access ? or can this be restricted as well ? )
Many Thanks,
R