Page tree
Skip to end of metadata
Go to start of metadata

 

Before you publish a native application to the App Catalog, you may want to distribute it to specific reviewers to ensure that the app meets quality and security standards. With the Application Approval Process feature, you can send an app on one or both of the following workflows:

  • QA Testing
  • Security Review

During a workflow, members of the group assigned to review the app can access it in the App Catalog even though it is not yet enabled. You pre-assign the groups that will review apps during each type of workflow within your organization, so when it comes time to start a workflow, it is a one-click process; you simply change the app's workflow status from "Not Started" to "In Progress" and EASE automatically makes the app available to the workflow group.

Based on review feedback, you or another EASE administrator can change the workflow status to Pass or Fail. If an application fails a workflow, you can upload a new version of the app after it has been updated to fix the issues identified during the workflow. You can then start that version on a new workflow. Once an app passes all workflows, you can publish it to the App Catalog for your end users.

For an overview of a typical approval process, see the section below.

 

The Application Approval Process feature can be disabled for an organization. If you are not sure if this feature is enabled for your organization, check the Settings page. If the "Approval Workflow" section is listed, the feature is enabled. If the feature is not enabled and you are interested in it, contact Apperian Customer Support at support@apperian.com.

A Typical Approval Process

The following table steps through a typical application approval process.

StepFor instructions, see...                                    
1

Select approval workflow groups.

Before you can send any applications on an approval process, you need to assign an EASE user group to each of the approval workflows (QA Testing and Security Review). Members of these groups will have access to the application in the App Catalog while the workflows are in progress.

Select Approval Workflow Groups
2

Add a native application to EASE.

When you add an application to EASE, you specify the groups that can access the app when it is enabled. When an application is enabled—or "published"—members of those specified groups will have access to the app from the App Catalog. The groups selected for publishing the app are different than the groups assigned to review apps during a workflow. When you start an app on a workflow, users in the group assigned to that workflow (in the previous step) can access the app from the App Catalog—whether the app is disabled or enabled. For more on user access during workflows, see User Access During an Approval Process.

Before you send the app on a workflow, you may want to perform other tasks such as applying application policies. You can perform these tasks before you start a workflow, or after the approval process is complete; this depends on your internal processes and what you want reviewers to look at during a workflow.

Add an Application

Apply Policies to an Application

3

Start one or both workflows.

Depending on the application, you may need to send it on just one workflow or you may need to send it on both. EASE supports simultaneous and sequential workflows. You can start an application on the QA Testing and Security Review workflows at the same time, or you can wait until one workflow is complete before starting the other. To alert a group of reviewers that an app is available in the App Catalog for their review, you can use the group notification feature.

Start a Workflow

Send a Notification to a Group

4

Change workflow status.

Based on feedback from reviewers, you should change the status of the workflow to Pass or Fail. If any of the reviewers are also EASE administrators, they can log in to the EASE Portal to change the status themselves.

Throughout the approval process, you can view a log to monitor the progress of each workflow. With Security Review Pass/Fail log entries, you can link to an inspection report if one is available. You can also quickly identify workflow status for all apps by scanning the Applications list.

Change Workflow Status to Pass/Fail

Monitor the Approval Process

5

(If needed) Update the application version and restart the approval process.

If an application fails a workflow, it will need to be updated to address the issues identified during the workflow. When a new version of the app is available, you can upload it to EASE and resend it on one or both of the workflows.

Edit or Update an Application

Start a Workflow

6

Change workflow status and enable the application.

Once an application passes all workflows, you can publish to the App Catalog for your end users. When an app has passed all workflows, EASE prompts you to automatically enable the app. You can enable it at that time, or you can enable it later if there are other tasks you want to perform before publishing it.

Change Workflow Status to Pass/Fail

Disable or Enable an Application

User Access During an Approval Process

During an application's approval process, users in the group assigned to each in-progress workflow have access to the app in the App Catalog. These groups are selected on the Settings page for your organization, and are used to determine who sees any app that is going through a workflow. Access during an approval workflow is separate from the group access specified when an app is added to EASE. When you add or edit an application in EASE, you select groups in the Groups section to identify which users will have access to that particular app in the App Catalog when the app is published ("Enabled").

You should not publish applications to the same groups that you assign to workflows. To avoid confusion, you can create groups used only for workflows. For example, create a "QA Workflow" group for the QA Testing workflow and a "Security Workflow" group for the Security Review workflow. Members of these workflow groups may also be members of other groups that you will select for publishing. For more information on selecting workflow groups, see Select Approval Workflow Groups.


EASE does not block you from enabling an app while it is in an approval process, but that is not a typical use case. Most likely, you will not want to publish an app to your end users until it has successfully completed the approval process.

  • No labels