IT Process Automation

I need to restrict a domain account so that it can only do tasks through web service calls, and not allow console login. What are the rights / permissions I need to give the account in EEM so that it can only execute these web service calls against processes?

Any assistance here for rollcast?

Thanks!
Mary

rollcast wrote:

I need to restrict a domain account so that it can only do tasks through web service calls, and not allow console login. What are the rights / permissions I need to give the account in EEM so that it can only execute these web service calls against processes?

If you want the account to be able to use web services, that account will also be able to log in to the Management Console. I don't know of a way to prevent that. But in EEM, you can either 1) explicitly grant none of the actions or 2) explicitly deny all of the actions for the "Management Console" access policy. That means the account would be able to log in and see their basic user settings (such as date and time formats) and do nothing else.

Then you want to grant access to the types of objects (probably using the Process or Start Request Form access policies) so that the account can execute specific Processes and SRFs based on your policy.

Thanks Tom!

Rollcast, if Tom answered your question, make sure you check the "Mark as Accepted Solution" box in the upper right side of his post. You need to be logged in to see the box. This will mark your question as resolved.

Cheers!
Mary