
Hi Mates,

I would like to understand how K2 authenticates the user while they are taking an action.

E.g. I had assigned a worklist to user X. The URL of the worklist was mistakenly passed to user Y. Now, when user Y takes action, he gets an error saying he is not an authorized person to take action on the worklist.

How, and with which mechanism, has user authentication and authorization been implemented here?

Will it look at the user token that has been passed, or at the user ID?

 

Thanks in advance.

K2 uses a "Serial Number" to uniquely identify a task + user combination. You'll see this value in the task URL as a parameter named "SN". So if you give an SN to someone other than who it was assigned to, K2 will know that it is not the right person to perform the task. Please let me know if I can elaborate further or if you are trying to work around some limitations with this approach.


Hi tbyrne777,
Thanks for your reply. I am aware that using the SN we can take action.
Can you please elaborate further? Which user combination will be used for authentication? How does K2 identify that a given SN is for some other user?

So when a task is created in K2, behind the scenes in the K2 database the task is assigned an "Activity Instance Destination ID". This ID can be used to link up the actual activity (workflow box) that the task belongs to and the user that the task was assigned to. This number is the second part of the SN. The first part of the SN is the Process Instance ID, the unique identifier for the process instance that the task was created in. So the SN value is [ProcInstID]_[ActInstDestID].

 

Using the K2 API, you can take an SN and see who it was supposed to be assigned to if it isn't the current user, and provide options to the user as to what to do. For example, if the user has an admin role, you can provide them with an option to take ownership of the task and reassign it to themselves or, if they shouldn't have that kind of power, tell them who the task was assigned to so they can coordinate with this other user.

 

I'm not certain what your use cases are so I'm going pretty high level here but happy to talk through more details.
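The check described in the answer above, as an added illustration that is not part of the original thread and does not use the K2 API: it parses the `[ProcInstID]_[ActInstDestID]` SN format, looks the task up in a constructed in-memory table that stands in for the K2 database, and returns the same three outcomes the answer lists (allow, offer reassignment to an admin, or deny and name the real assignee). `TaskRecord`, `TASK_STORE`, the ID values and the case-insensitive username comparison are all assumptions made for this example.

```python
import re
from dataclasses import dataclass


@dataclass
class TaskRecord:
    """Constructed stand-in for the task row K2 keeps in its database."""
    proc_inst_id: int
    act_inst_dest_id: int
    activity_name: str
    assigned_to: str


# Constructed sample data; the IDs and user names are made up for illustration.
TASK_STORE = {
    (1234, 5678): TaskRecord(1234, 5678, "Manager Approval", "DOMAIN\\userX"),
}

# SN format from the thread: <ProcInstID>_<ActInstDestID>, both numeric.
SN_PATTERN = re.compile(r"^(\d+)_(\d+)$")


def is_valid_sn(sn: str) -> bool:
    """True only for a well-formed SN; anything else is rejected before lookup."""
    return SN_PATTERN.match(sn.strip()) is not None


def parse_sn(sn: str) -> tuple[int, int]:
    """Split an SN into (ProcInstID, ActInstDestID)."""
    m = SN_PATTERN.match(sn.strip())
    if not m:
        raise ValueError(f"malformed SN: {sn!r}")
    return int(m.group(1)), int(m.group(2))


def authorize_task_action(sn: str, current_user: str, is_admin: bool = False) -> dict:
    """Decide what the current user may do with the task identified by the SN."""
    task = TASK_STORE.get(parse_sn(sn))
    if task is None:
        # Unknown task: deny without revealing whether the SN ever existed.
        return {"decision": "deny", "reason": "no such task"}
    # Assumption: user labels compare case-insensitively.
    if task.assigned_to.lower() == current_user.lower():
        return {"decision": "allow", "task": task.activity_name}
    if is_admin:
        # Admin may take ownership; the caller performs the actual reassignment.
        return {"decision": "offer_reassign", "assigned_to": task.assigned_to}
    # Ordinary user: tell them who owns the task so they can coordinate.
    return {"decision": "deny", "reason": "assigned to another user",
            "assigned_to": task.assigned_to}
```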

