SmartObject Security

The SmartObject Security node is used to define design-time authorization rules for SmartObjects that use SmartBox as their data store, and controls who may publish (create/update) or delete SmartObject definitions to the K2 environment. This is most often used to prevent certain users or groups from creating or deleting SmartObjects in a particular K2 environment. For example: you may want to allow only members of the Sysadmins group in you organization to publish (create/update) or delete SmartObject definitions in your production K2 environment. Other users will not be able to publish SmartObjects in that environment.


The authorization model uses an optimistic approach. If no permissions are defined, any user can publish and delete SmartObjects. As soon as a permission is defined, only those users/groups can perform the specified operations and no other users will be able to publish or delete SmartObjects.