How can we improve Nintex Workflow for Office 365?

Secure Password variable including Workflow Constants

When designing a workflow for O365 a lot of Nintex Store actions like 'Create Site' require an account and password explicitly. As I am -designing- the workflow I do not want to know the actual Workflow Account password executing these actions, that's for the admins to know. The only way to enter these passwords is by using plain text either directly or by means of a Text variable. So I would propose a new 'Secure String' or 'Password' variable so at least I can call someone to type in the password without me knowing it. Of course it would be best that these actions don't require an extra direct password or just send a mail to the user indicated asking him to login and trust the execution of the workflow.

339 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
Sjoerd V shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

27 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • Russ H commented  ·   ·  Flag as inappropriate

    One comment on the connection manager, it will not let you create a connection name the already exists in other site collections, ( so it knows others exist ) But will not let you use the connections already defined elsewhere..
    Please consider a centrally defined set of connections for use across all site collections.

  • AdminJon Hardy (Senior Product Manager - Nintex, Nintex) commented  ·   ·  Flag as inappropriate

    Hi Pradipta, I am happy to say that work is progressing well on this development. I expect it to be released in some months time. This development is a connection manager which will remove the requirement for the use of username and password in actions. Your admin should be satisifed with the security that this will introduce.

  • Pradipta commented  ·   ·  Flag as inappropriate

    Hi Nintex when you will come up with Secure Variable as many asked for. Recently I want to add Permission for different user for that i have to user o365 Permission Action so there I have to use the Password as a variable so that I can user it in different action item. but Admin was so unhappy as the password are visible.

  • Ness commented  ·   ·  Flag as inappropriate

    In a lot of instances, these actions are being run with elevated privileges, so there needs to be the ability in O365 actions that require username and password to call constants or ideally the secure store to get those credentials instead.

    This way IT Admins can manage service accounts without Power Users having to know the credentials or use their own credentials (lest they leave the company and break business critical workflows!).

    Alternatively, why can't we choose to run in the context of the current user - when we know that we don't need to run as a privileged user in order for the workflow to run?

  • Mark Cotterell commented  ·   ·  Flag as inappropriate

    There are some Nintex components that require an account name and password entered to allow the step to have permission to perform a task. This is giving us security headaches as well as being impractical since when the password expires, which is quarterly, the workflow will fail. We are now looking at alternative workflow products.

  • Ryan commented  ·   ·  Flag as inappropriate

    I'm somewhat surprised that what was delivered in the app was considered suitable. You really do need to have a service account and thus an o365 subscription for that account to make use of these actions.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Really annoying having to change this in multiple places if the workflow is imported to a diferent environment. The credential management should be centralized and easily mantained. Please take this in consideration,
    Thanks in advance.

  • Warwick W commented  ·   ·  Flag as inappropriate

    come on Nintex Dev, give us a few new features to keep us happy for a little bit.

  • Nicolas Meistretty commented  ·   ·  Flag as inappropriate

    Currently we are not able to use the Initiator credentials to execute actions like create an item, update an item, etc.. This is very frustrating to have to enter credentials instead of using the current workflow initiator or publisher as the account to perform the action.

  • Adam Shelton commented  ·   ·  Flag as inappropriate

    Still waiting anxiously for an update on this. I believe it really needs to be made a priority and it is a significant barrier in converting workflows for O365. Please give us an update on the status of this request or a usable temporary workaround.
    Thanks

← Previous 1

Feedback and Knowledge Base