I have a need to determine, within a list workflow, whether it was started as a result of a new list item being created, or was started manually by a user. Alternatively, a way to restrict who can manually start a workflow, while still allowing workflows to trigger on item creation for any user, would work.
My list form does a lot of upfront validation, including whether the user is authorized to perform this particular action.
In some scenarios the workflow will end in a condition where an administrator is required to correct data in a LOB system, and then run the workflow manually to complete the action. Only an Administrator should be able to trigger the workflow manually.
Good question. Does creating a new 'lesser' contribute permission that does not have the permission "View Application Pages " help with this? I believe they will not be able to start a workflow in this case, but may still be able to access the O365 Forms item creation form.
Alternatively, if the user does not need to ever edit the item, you could remove the 'Edit Items' permission and leave only 'Add Items' which will also prevent them from accessing Workflow I think. If the workflow makes updates to items in the list however you may need to put them into an elevated Action Set then.
Let me know if this helps
Thanks for your suggestions. Unfortunately I have been diverted onto another piece of work, and this workflow is on hold for now.
I will try your suggestions as soon as I have time, and post my results.