Skip to main content Skip to complementary content

Setting up workflow access security

Talend Studio allows you to set specific security access rights for users when they update master data through a workflow process.

Usually when you define the users that are required to intervene at a specific step in a workflow, see Managing workflow actors in the BPM perspective (task assignment), these users have a write access to all the attributes defined as variables in the workflow. However, it is possible to set restrictive access rights (Read-only, or Hidden for example) on few of these attributes when browsing the records in Talend MDM Web UI.

Information noteWarning: Because MDM system roles are not synchronized, they must not be used in a workflow.

Before you begin

You have already connected to the MDM server from Talend Studio. At least one workflow has been created and one user role has been defined in the BPM perspective.

About this task

To set up access rights to master data through a workflow process, do the following:
Information noteNote: The following procedure is based on the workflow created in Designing a workflow from scratch.

In this example, you are going to set workflow security for the Demo_User role as mentioned in Managing workflow actors in the BPM perspective (task assignment).

This Demo_User role needs only to validate any change in the price of a product in the Product business entity. And as this role needs a write access only to the Price attribute, you may want then to grant it a read-only access to the Name attributes in the same business entity.


  1. In the MDM Repository tree view, browse to your data model under the Data Model node, Product in this example, and double-click it.
    The data model editor is displayed.
  2. Expand the Product entity and browse to the Name attribute, right-click it and select Set the Workflow Access.
    A dialog box is displayed.
  3. Click the button to add a new line to the tabular list.
  4. In the Roles column, click in the line and then select from the list the Demo_User role.
  5. In the Workflow column, click in the line and then select from the list the name of the workflow for which you want to restrict access, Product_Product in this example.
  6. Click in the Access Rights column and select Read-only from the list.
  7. Click OK to validate your changes and close the dialog box.
    Information noteNote: You must deploy your changes to the server for them to be taken into account at runtime.

    An annotation representing the defined workflow access right is displayed below the Annotations folder of the Name node in the Product business entity.

    From now on, when a business user assigned the Demo_User role accesses the workflow task through Talend MDM Web UI, the task detail will have the Name field as read-only.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!