Hi all,We have a deployment account in QA having system admin access. For some nodes, we are using lane assignment as "Run as whoever designed the process model". In one of the nodes, we are retrieving data from a record but due to some reason, data is not being retrieved(that PV is empty). Same code is working in dev but not in test. The only difference is In dev, it runs with my name and in QA, it runs with the deployment account name. Even though its a system admin account, should it be added to viewers group for retrieving data? Is there any missing piece over here?
Discussion posts and replies are publicly visible
hi Sarathkumar R In QA record is having the same security as in dev ?
Yes, if you are using newer synced records with record-level security, then you will need to give your system administrator account permission to view the records you want to query. Even though being a system admin gives you access to almost everything in Appian, the new record-level security works a little bit differently.
Sarathkumar R System Admin access grants administrative rights but doesn't guarantee read access to specific data records. Verify if the record tries to access in QA has viewer permissions granted to the deployment account.Try changing lane assignment for testing (user with known access).
yep, same as in dev
What about writing into records? Do we need permission for doing that?We are getting this issue while querying and not while writing into record.
To resolve the issue with the system admin account not retrieving data from records in Appian:
Confirm Record Permissions:
Ensure the system admin account has viewer permissions on the specific records, as record-level security may restrict access despite admin privileges.
Test with Known Access:
Temporarily change the lane assignment to a user with confirmed access to the records for testing purposes.
Note:
System Admin accounts provide administrative privileges in Appian, but they don't automatically bypass Record-Level Security restrictions. You need to explicitly grant the necessary permissions for the account to access specific record data.
Record-level security does not apply to writing records, it only applies to users being able to view records (in records lists, queries, even in aggregated reports and self-service analytics etc.)
See here for more info - https://docs.appian.com/suite/help/24.1/record-level-security.html