Attestation Security Access

These authorization options are for work items of authType AttestationWorkItem:

• The Work Item owner

• A direct or indirect manager of the Work Item owner

• An administrator who controls an organization in which the Work Item owner belongs

• Users who have been validated through authentication checks

By default, the behavior for authorization checks is one of the following:

• Owner is User attempting the action

• Owner is in Organization controlled by user attempting the action

• Owner is a subordinate of user attempting the action

The second and third checks are independently configurable by modifying these form properties:

• controlOrg — Valid values are true or false

• subordinate — Valid values are true or false

• lastLevel — Last subordinate level to include in the result; -1 means all levels

The integer value for lastLevel defaults to -1, meaning direct and indirect subordinates.

You can add or modify these options in the following:

UserForm: AccessApprovalList.

If you set security on attestations to organization-controlled, then the Auditor Attestor capability is also required to modify another user’s attestations.