What Are Read-Only Custom Attributes? 

Read-only custom attributes are a solution designed to balance the need for control and visibility within business process management. These attributes can be critical identifiers like unique IDs, approval dates, and approver names. Although they are visible within the user interface for reference, they can only be modified through backend processes, typically via API integrations. This setup ensures the integrity of the data and maintains its traceability without direct user interaction. 

Benefits: 

• Enhanced Data Integrity: By preventing end-users from altering critical data, these attributes help maintain accuracy and consistency across the business process documentation. 
• Controlled Attribute Management: Updates to these attributes are exclusively handled through APIs, ensuring that modifications are traceable and originate only from authorized systems. 
• Increased Visibility: While these attributes are non-editable, their visibility in the user interface aids users in process verification and supports comprehensive audit trails. 

Capabilities: 

• Read-Only Access: Administrators can designate custom attributes as read-only. These could be single-line or multi-line text fields within process models, tasks, and dictionary items. This ensures data consistency and prevents unauthorized edits. 
• API-Only Modifications: Any changes to these attributes are restricted to API calls from connected and authorized systems, providing a secure method for updates and ensuring controlled data management. 

List of use cases and examples: 

-Governance and Compliance: 

Ensuring that critical data like approval dates, approver names, and audit-relevant attributes cannot be altered directly by users is essential for compliance. This protects against unauthorized changes and ensures data remains accurate, which is vital during audits. 

-Workflow-Controlled Versioning: 

To maintain consistency and establish a clear history, customer-specific diagram versioning (e.g., major releases 1.0, 2.0, 3.0) should be set automatically through workflows. This prevents manual tampering and guarantees all changes are accounted for and tracked systematically. 

-Integration Consistency: 

Unique IDs from external systems, such as ERP or CRM identifiers used for data integrations, must remain consistent. Read-only custom attributes guarantee that these external references cannot be altered by end-users, preventing data conflicts and ensuring seamless integrations. 

-Diagram Meta Information: 

Information such as diagram metadata or internal business identifiers should be immutable for general users to avoid discrepancies and maintain the overall accuracy and purpose of the model. 

-Approval Tracking: 

Attributes related to approvals, including approval dates and approvers' names, are best handled through read-only custom attributes to ensure that only authorized workflow processes can modify them. This provides clear, traceable approval history. 

-Strict Control Over Dictionary Entries: 

When specific organizational units or IT systems are embedded within process diagrams or dictionary entries, making their references immutable to users is crucial. It protects against unauthorized edits that might inadvertently affect downstream processes and data quality. 

How do you mark attributes as read-only 

1. In the explorer, select Setup > Define notations/attributes. 
2. In the tab Modeling language, select a notation. 
3. Select a diagram element or dictionary category. 
4. In the tab Custom Attributes, choose (Add). 
5. Choose Create new attribute. 
6. Fill in the Name and Description fields. 
7. Select the data type.  The read-only custom attribute feature is available for Single-line text and Multi-line text only. 
8. To secure the value of a new attribute from being modified further in the workspace, fill the Read-only (irreversible) checkbox. 
9. Confirm with Create attribute. 
10. You can apply the Read-only (irreversible) option upon creation of a new custom attribute only.  Once applied and confirmed, the read-only status cannot be reversed.  Further changes to the value of the custom attribute must be performed through the API. 
11. The Read-only (irreversible) option functions in the same way where it is also available for creating new custom attributes for dictionary entries and for QuickModel configuration. 

How do you update those attributes through APIs - An Example:

• Use Case: add risk from an external system to the Dictionary  
• Configuration: 
  • Custom read-only attribute for External ID 
  • Custom read-only attribute for External URL 

     

     
• API  
  • Find technical custom attribute name  
  • Create a Dictionary item with the custom fields and values: 
    • Title: External Risk' 
    • Description: This is an external risk 
    • External ID: 123 
    • External URL: https://link-to-external-system.com/risks/123 

CURL: 

Java Script: 

Result: 

More details and how to access the SAP Signavio Process Manager API docs: https://help.sap.com/docs/signavio-process-manager/workspace-admin-guide/api-access

Co-Authors:

Manuel Taechl, Bairbre Wilson