CA Process Automation - Restrict users access to processes they design

Document ID : KB000100807
Last Modified Date : 11/06/2018
Show Technical Document Details
Question:

Is there a method to ensure each Process designer can only access processes they designed in the Library?  

For example:

pamuser1 only see process1 and pamuser2 only see process2?

Answer:
This is possible, but trying to do this per process becomes very burdensome on the Process Automation admin team as they will have to update policies as processes are designed to restrict or grant access, and users will be able to see ALL processes in a specific folder, they simply will not be able to open and edit processes they do not have permissions to.

A better method to ensure users are separate and cannot see each others processes would be folder level restrictions.

For example:
"I created 2 uses, 'bob' and 'sue' in EEM and created 2 folders for each '/WIP/BOB_WIP/' and '/WIP/SUE_WIP/' and followed the directions in our guide:
https://docops.ca.com/ca-process-automation/04-3-02/en/administrating/administer-components/administer-advanced-ca-eem-security/customize-user-access-with-ca-eem-policies/customize-access-for-a-specified-user

I choose to just add both BOB and SUE to the pamuser policy to grant basic access, but there are directions for granting rights without setting one of the default policies.

Once completed, bob is able to log into PAM and has access only to the /WIP/BOB_WIP/ folder, and sue only has access to the /WIP/SUE_WIP/ folder; and each user cannot see the others processes."