Idea - Security to prevent users and epa taskbox apps letting users change their details

Security to prevent users and epa taskbox apps letting users change their details

New

End-user Management

Please see discussion 86873.

The built in Users and Embedded Process Automation apps allow users with no permissions within those apps to change their own details (name, phone and email).

This is seen as a security weakness to our company.

We would ideally like some way to stop users from doing anything within these apps.

24 Mar

Daniel Kuhlmann

MVP

For reference, the URL:

https://www.outsystems.com/forums/discussion/86873/users-app-allows-all-users-to-change-their-name-phone-and-email/

I think the functionality that you see as a security loophole is intended. I will check with OutSystems.

25 Mar

Richard Hurford

Hi Daniel, yes, that's the discussion I started and referenced in my original post. It shows that this is currently not possible, but I look forward to hearing what OutSystems have to say.

27 Mar