Passing confidential data to workflow
Hello!
We have a lot of projects and different workflows for these projects. Some workflows require confidential data, for example Slack incoming webhooks for notifications. There is a way to limit access to project or ticket, however, I can't find where I can limit access to particular workflows or private data these workflows are using.
What are the options to restrain workflow visibility or to pass secrets securely to the workflow?
Please sign in to leave a comment.
Hello!
Currently, workflows could be edited by users with Read Project and Update Project permissions. The logic here is that if a user is trusted with managing a project, they can be trusted with managing workflows. You can revoke the Update Project permission from the needed users if you want to hide the workflows from them. Other than that, there are no options to hide specific workflows from users.
We also have a feature request to introduce more granulated project permissions, so please vote for it if you find it useful.
Is it the same about the visibility of workflow? Viewing is enough for disclosure of secure data in workflow. Can I use these permissions to limit access for viewing?
Yes, a user needs to have both Read Project and Update Project to view workflows. So you may revoke the Update Project permission from a user to hide the workflows.
As an alternative, you may store confidential data in some private issue that is not visible to anybody, and load this data in the workflow.
What kind of information is it?
Rungrot Saibudtdee
Could you please elaborate on your question?
Alisa Kasyanova
Checked one more time. Permission Update Project helps. I deleted the previous message, where I said it is not working.
Thank you a lot for help!