Skip to main content

Hi,

We have a Workflow that generates an email and custom URL which directs applicants outside of our K2 environment to a K2 Form. This StartProcess Workflow which generates the URL also passes parameters about the specified applicant. When they open their K2 Form via email link the application Form has a section/view for the K2 Add Attachment Smart Object. To add and attachment, you need the Process ID and file/attachment to create the attachment.

With that, this form doesn’t have a Process ID as it doesn’t reside within a Workflow, so upon submission of the Form when we try to start the sequential Workflow which would have managers tasks that would want to view their attachments, it’s not working. “The service account doesn’t have access to the process” is the error we are getting. I’m assuming because the applicant Form isn’t within a Workflow/process so it doesn’t know where to store the attachments. 

 

In an attempt we have tried to pass the WorkflowID/Process ID through from the first Workflow (StartProcess) via URL for the Add Attachment Process ID parameter on the Application Form. To then return the ID from the creation to then pass as a paramenter in the next Workflow. In hopes to then get the Attachments via Attachment ID passed to the workflow and through the Get Attachments call. However this doesn’t seem to be working as intended.

 

The main issue here is that these end users (applicants) don’t have K2 accounts and can’t be assigned Task like a normal Workflow. So our email which has the Form URL then starts the next Workflow via rules. Is there a way to Add Attachments from the Form which doesn’t have a WorkflowID/Process ID?

I can elaborate more if needed, but that is high level of what is happening in our process.

We will likely need some clarifications.

  1.  Is this K2 Cloud or K2 on premise?  Post seems to have both tags.  And response may differ if on K2 Cloud vs K2 On Premise.
  2.  When you say end users/applicants does not have K2 Accounts; are you using anonymous views/forms?  As per:
    1. https://help.nintex.com/en-US/k2five/icg/current/Content/Configure/AnonViewForms.htm
    2. https://help.nintex.com/en-US/k2cloud/userguide/current/Content/Create/Views/AnonymousViews.htm
  3. If using anonymous form with file attachment controls, you may have to consider the following:
    1. When you configure a form for anonymous access, you cannot upload or download files with the File Attachment, Image Attachment and Picture controls. You should carefully consider and evaluate the impact of allowing file uploads and downloads with anonymous access forms, since doing so may be considered a security vulnerability. User credentials and authentication are not required for anonymous access forms and therefore any files uploaded or downloaded with such forms can be performed by anyone that can access the form, without having to provide credentials.
      To allow file uploads and downloads for anonymous access forms you can add the following configuration settings to the web.config files of the SmartForms websites. Find the websites here:
      eInstall Directory]\K2\K2 smartforms Designer
      oInstall Directory]\K2\K2 smartforms Runtime
      Add the following setting to the <appSettings> section of the configuration files listed above:
      <add key="Forms.Controls.File.AllowAnonymousAccess" value="true" /> (Applies to the File Attachment and Image attachment controls)
      <add key="Forms.Controls.Image.AllowAnonymousAccess" value="true" /> (Applies to the Picture control)
      You must set the values to true to allow the controls to function when you access them through anonymous access forms. If you do not add this setting or if you set it to false, the controls do not work on anonymous access forms, namely errors occur when uploading or downloading files, and image thumbnails may not display. This configuration applies to the entire site and all anonymous access forms. It is not possible to configure security for the File Attachment, Image, and Picker controls for individual anonymous forms.
    2. When you configure a form for anonymous access, you cannot upload or download files with the File Attachment, Image Attachment and Picture controls. You should carefully consider and evaluate the impact of allowing file uploads and downloads with anonymous access forms, since doing so may be considered a security vulnerability. User credentials and authentication are not required for anonymous access forms and therefore any files uploaded or downloaded with such forms can be performed by anyone that can access the form, without having to provide credentials.
      To allow file uploads and downloads for anonymous access forms, log a support ticket with Nintex Customer Central portal to adjust the Forms.Controls.File.AllowAnonymousAccess and Forms.Controls.Image.AllowAnonymousAccess settings to true for your environment.
      You must set the values to true to allow the controls to function when you access them through anonymous access forms. If you do not add this setting or if you set it to false, the controls do not work on anonymous access forms, namely errors occur when uploading or downloading files, and image thumbnails may not display. This configuration applies to the entire site and all anonymous access forms. It is not possible to configure security for the File Attachment, Image, and Picker controls for individual anonymous forms.
  4. If starting workflows on anonymous forms, it will run as your K2 Site Application Pool account, so start rights and other permissions will pertain to the K2 Application Pool account:
    1. The view and form run in the context of the user account of the Application Pool associated with the SmartForms runtime site. Therefore, any integration requiring credentials (for example SmartObject interaction using the Impersonation authentication mode or starting a workflow) executes under the context of the Application Pool.

Yes, the URL given to the applicants is anonymous. I’ll follow up with attempting the config adjustment. But the error that was seen was that ‘The service account doesn’t have access to the process’ when reading through your reply does that mean I would also need to ensure that the Application Pool would need access to anything in particular?

 

Thanks,

Please try granting your application pool service account ‘View’ rights on the Workflow in question.

That application pool service account has full access (all) to the Workflow. That was previously set and didn’t change the outcome.

 

Thanks,

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings