SharePoint Designer Workflows – what user identity?

When a SharePoint Designer (SPD) workflow runs, it runs in the context of the workflow initiator. This matters whenever the initiator may not have permissions to everything that the workflow uses.

An example:

  • A broad set of users have permissions to load documents into a library named Active.
  • A small set of users process the documents and change a Status column to Verified when done (it’s preset to New in the previous step).
  • You want a workflow to move the documents from the Active library to the Archive library when Status = Verified.
  • The users that load documents into Active do not have any permissions to Archive.

You have two choices for creating this workflow in SPD:

  1. Automatically start this workflow when a new item is created, with these steps:

    [Screenshot of the workflow steps: WF-Wait]

  2. Automatically start this workflow whenever an item is changed, with these steps:

    [Screenshot of the workflow steps: WF-Condition]

Both workflows will run under the context of the initiator. In this case, the initiators will be different and have different permissions.

In the first case, the initiator is the user that loaded the document, and that user does not have permissions to the Archive library. This workflow will therefore always fail, because it will not have permissions to perform the copy step.

In the second case, the initiator is the user that changes the Status to Verified. That will be a user with permissions to the Archive library, so that workflow will succeed.

So consider permissions when choosing between various SPD workflow options.
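
The check below is an added example, not part of the original post. For each document in Active it reports whether the creator (the initiator of the on-create workflow) and the last editor (the initiator of the on-change workflow) could add items to Archive. It assumes an on-premises farm with the SharePoint PowerShell snap-in, a placeholder site URL, and that the copy step needs the AddListItems permission on the destination.

```powershell
# Added example: audit which workflow initiators can write to the Archive library.
# Assumptions: on-premises SharePoint, run in a shell with farm access;
# $siteUrl is a placeholder; AddListItems is assumed to be what the copy step needs.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$siteUrl = "http://sharepoint.example/sites/docs"   # placeholder URL
$needed  = [Microsoft.SharePoint.SPBasePermissions]::AddListItems

# Resolve a person field value ("Created By" / "Modified By") to a user and
# test that user's effective permission on the Archive library.
function Test-ArchiveAccess($fieldValue) {
    if (-not $fieldValue) { return "unknown" }
    $value = New-Object Microsoft.SharePoint.SPFieldUserValue($web, [string]$fieldValue)
    if (-not $value.User) { return "unknown" }       # e.g. account no longer exists
    if ($archive.DoesUserHavePermissions($value.User, $needed)) { "allowed" } else { "denied" }
}

$web = Get-SPWeb -Identity $siteUrl
try {
    $active  = $web.Lists.TryGetList("Active")
    $archive = $web.Lists.TryGetList("Archive")
    if (-not $active -or -not $archive) { throw "Active or Archive library not found" }

    foreach ($item in $active.Items) {
        New-Object PSObject -Property @{
            File             = $item.Name
            Status           = $item["Status"]
            # Initiator if the workflow starts when the item is created
            OnCreateWorkflow = Test-ArchiveAccess $item["Author"]
            # Initiator if the workflow starts when the item is changed
            OnChangeWorkflow = Test-ArchiveAccess $item["Editor"]
        }
    }
}
finally {
    $web.Dispose()
}
```

Rows showing `denied` under OnCreateWorkflow are the documents for which the first design fails at the copy step.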