Passing confidential data to workflow

Hello!

We have a lot of projects and different workflows for these projects. Some workflows require confidential data, for example Slack incoming webhooks for notifications. There is a way to limit access to project or ticket, however, I can't find where I can limit access to particular workflows or private data these workflows are using.

What are the options to restrain workflow visibility or to pass secrets securely to the workflow?

6 comments
Comment actions Permalink

Hello!
Currently, workflows could be edited by users with Read Project and Update Project permissions. The logic here is that if a user is trusted with managing a project, they can be trusted with managing workflows. You can revoke the Update Project permission from the needed users if you want to hide the workflows from them. Other than that, there are no options to hide specific workflows from users.
We also have a feature request to introduce more granulated project permissions, so please vote for it if you find it useful.

0
Comment actions Permalink

Is it the same about the visibility of workflow? Viewing is enough for disclosure of secure data in workflow. Can I use these permissions to limit access for viewing?

0
Comment actions Permalink

Yes, a user needs to have both Read Project and Update Project to view workflows. So you may revoke the Update Project permission from a user to hide the workflows.

As an alternative, you may store confidential data in some private issue that is not visible to anybody, and load this data in the workflow.

0
Comment actions Permalink

What kind of information is it?

0
Comment actions Permalink

Rungrot Saibudtdee

Could you please elaborate on your question?

0
Comment actions Permalink

Alisa Kasyanova

Checked one more time. Permission Update Project helps. I deleted the previous message, where I said it is not working.

Thank you a lot for help!

0

Please sign in to leave a comment.