K2 blackpearl Installation and Configuration Guide > Installation > Post installation common tasks > Permissions for K2 Components > SharePoint Server > K2 for SharePoint - Required Permissions-K2 designer for SP | Send feedback |
When installing and working with the K2 for SharePoint components you must provide credentials for several different accounts. The following tables describe the accounts that are used to install, configure, and run the various K2 for SharePoint components.
The K2 Designer for SharePoint requires additional rights for installation, configuration and execution.
The application pool account used for the installation of the K2 Designer for SharePoint may be different from the application pool account used to set the K2 SharePoint Integration features. This application pool account must be part of the Farm Admin group. – this is only for deployment not execution. |
Account | Purpose | Requirements |
---|---|---|
Setup user |
The Setup user account is used to perform the following tasks:
|
All K2 for SharePoint Core permissions, plus the following:
|
K2 Central Admin |
The K2 Central Admin account is used to perform the following tasks:
|
|
Deployment Application Pool account |
The Deployment Application Pool account is used to perform the following tasks:
Note: The Farm admin group permissions are required for legacy processes that use the old Workflow Integration method where a feature needed to be added to the Farm for each process deployed. With SPWFI version 2 this is no longer a requirement. The user can remove the farm admin permission and then check that everything is still working i.e. that they can deploy a process, as this is the only place this permission was required. The user should bear in mind that if they make use of a generated Workflow Integration then they will have to be Farm admin, but this requirement is only for deployment and not execution. |
The following security configurations are done automatically when the Deployment Application Pool account is configured:
|
K2 Designer for SharePoint |
Users in the K2 Designer for SharePoint groups can perform the following tasks:
|
|
Process Participant |
Users in the Process Participant groups can perform the following tasks:
|
|
For upgrade scenarios where multiple k2 databases still exists, the db_owner rights required for webdesigner, will still be applied on the the webdesigner database. For new installations where a single K2 database exists, the db_owner rights for webdesigner will be applied on the webdesigner schema instead. |