Daniel Krüger

3 minute read BPS Version: 2025.2.1.179

Overview

WEBCON BPS 2023 introduced the option to make a workflow instance accessible for an external user using a link. This is extensively documented in this post.

Since there’s already such extensive documentation, which has been updated over time, I want to provide a short overview of the features and my learnings.

Even so WEBCON renamed the license to ‘Single-use access’ I will use public link in this post. This term is a lot easier to write. :)

Basic information

  • You need to activate this feature on process level
  • You can configure an email template on the system settings level
  • Instances can be shared with read or edit privileges
    • Can be created on demand by the user using the BPS Portal
    • By actions in these triggers:
      • On entry
      • On exit
      • On timer
      • On browser opening
      • Menu button
      • On path
      • Upon instance saving
  • Tasks can be shared
    Can only be created using actions in these triggers:
    • On entry
    • On exit
    • On path
    • Upon instance saving
  • A link can be secured with a code, which will be sent to the mail address
  • The users access the workflow instance with a temporary user account
    • this type of user cannot
      • delegate tasks
      • or share tasks and instances with others.
    • They are also restricted from accessing certain options, including
      • administrative tools
      • History
      • deleting instances
      • or starting new ones.
  • If a path transition is triggered the privileges are reduced to read, and the link will expire after 1 year by default. Obviously, I haven’t tested this. ;)

Findings

  • While both options allow the editing of a workflow instance, only the task option does support executing paths.
    In this example a path was made available as a quick path (right side). This path is not available in the left browser, even so it was opened with a link granting edit privileges.
    Quick path is not visible for a user with a shared link, even with edit privileges.
    Quick path is not visible for a user with a shared link, even with edit privileges.
  • You can upgrade the privilege level of an existing link from read only to edit using the UI but there’s no action for it. Sending a new link will expire the old one, as far as I noticed.
  • Different errors depending on how access is removed
    • Due to expiration
      User friendly error message, when the link expires.
      User friendly error message, when the link expires.
    • Removing the shared link
      I would have preferred a more user friendly message, especially for external users.
      I would have preferred a more user friendly message, especially for external users.
  • No access to related information, it’s a temporary user
    The upper part of the screenshot shows the All attachments tab, but this is empty for the temporary user
  • Interface language depends on the browser configuration
  • The instance is checked out like in other situations
  • If you want to have multilingual text in the mails, you need to use business rules with the Text function.
    There’s no translation options for these mails.
    There’s no translation options for these mails.
  • The Is embed default theme is used
  • Some of my JavaScripts are likely to fail, because the internal WEBCON BPS endpoints are accessed without the authKey parameter.

License consumption

  • Separate counts for each environment
  • Consumption occurs when a link was used to edit an instance. Viewing did not increase the Used count.
  • Ping pong with shared tasks
    • First task, license is consumed
      https://hostname/SharedInstanceAuthCode/db/22/Index?authKey=Tjr2t1-4Zkqz892Pabzo4A
    • Second task, no license is consumed, it’s the same link
      https://hostname/SharedInstanceAuthCode/db/22/Index?authKey=Tjr2t1-4Zkqz892Pabzo4A
    • A new credit is consumed each calendar month
      It doesn’t matter if it’s a shared task or link. It’s also not important if the link had been generated just a day before.

Security

  • No access to attachments of other workflows
  • History cannot be accessed, the modified URL is ignored
  • Removing the element id from the URL triggers a user authentication
  • The temporary user account is unique for each share/link, even for the same workflow instance
  • We cannot grant any privileges to this shared user
    The shared users account has a different syntax which is neither supported by the action nor can it be used in the UI to add privileges using the admin mode.
  • Changes are displayed in history

Deployment mode/ e-mail redirection

The deployment mode configuration is also used for public links.

Deployment mode aka mail redirection.
Deployment mode aka mail redirection.
With active deployment mode even the public link mails are redirected.
With active deployment mode even the public link mails are redirected.

Comments

You May Also Enjoy

Execute form rule with parameters from JavaScript

4 minute read BPS Version: 2025.2.1.179

The Designer Studio doesn’t offer the functionality to pass parameters to form rules in JavaScript mode. This post demonstrates a workaround

Manuel mass editing

2 minute read

If you need to repeat the same action multiple times you should learn browser shortcuts

Creating tags dynamically

6 minute read BPS Version: 2025.1.1.105, 2025.2.1.179

Choose a tag (classification value) from a centralized or decentralized sourced or add one.