Skip to main content

Overview

While Single Sign-On (SSO) is used to authenticate one specific user on log in to Flowable applications, an external Identity Management (IDM) system is used to gather lists of users and groups.

These lists are needed for case, process and task assignments as well as for permission management within Flowable applications. Also Flowable Design connects to the IDM API of Flowable Work to get the list of available users and groups for model assignments.

As model and instance assignments are often only needed in scenarios that involve human tasks, using an IDM in Flowable is optional. For example, if you only use Flowable for fully automated processes without any human tasks (and without external workers), there is no need to configure an IDM. The IDM is also mandatory if you want to use External Workers.

Flowable currently supports 2 different types of external IDM systems:

  • LDAP: Flowable can connect to an LDAP or Active Directory server to get the list of users and groups.
  • Microsoft Entra ID: Flowable can connect to Microsoft Entra ID using the GraphAPI to get the list of users and groups.