Skip to main content

Wish: Admin User & Role Management improvements



  • Erwin Dral

    Hi Kenneth, 

    we plan to support automatic user provisioning though Public REST API, using the SCIM protocol with the Atlantic.3 release, which is planned for April 9. This will allow you to programmatically CRUD users and their role assignments. 


    This would not answer all your wishes, but some of the tasks you mention should be less time-consuming (one-time configuration, fully automatic after that). Do you agree? Would automatic user provisioning via SCIM be an option for your organization? 

  • Kenneth Oppermans

    Time will tell. Blue-Dolphin-Roles will still have to be managed, and that's the most time consuming.

  • Erwin Dral

    Hi Kenneth, 

    just for my understanding, you say, roles will have to be managed, do you mean the configuration of permissions per role? Or assignment of users to role(s)? 

    Indeed the configuration of permissions per role is quite time consuming today,
    but we're assuming this doesn't change very often. So on a per-user, per-year basis, the time spent configuring permissions per role would be limited. 
    But if this is the most time-consuming, can you explain how/why the permissions per role change often? 
    We can also setup a meeting to discuss, please reach out at

  • BOFH

    First and foremost, rights should not be granted using a opt-out scheme (by default all rights). Adopt a opt-in instead, explicitly granting rights

    Mind you, when you create a new object - in the current opt-out method - all existing roles have full rights on it.

    I fully support

    * Have a standard 'Read Only' role, straight out of the box.
    * Have a standard 'BPMN Only' role


Please sign in to leave a comment.