corda / net.corda.core.flows / FlowLogic / checkFlowPermission


fun checkFlowPermission(permissionName: String, extraAuditData: Map<String, String>): Unit

Flows can call this method to ensure that the active FlowInitiator is authorised for a particular action. This provides fine grained control over application level permissions, when RPC control over starting the flow is insufficient, or the permission is runtime dependent upon the choices made inside long lived flow code. For example some users may have restricted limits on how much cash they can transfer, or whether they can change certain fields. An audit event is always recorded whenever this method is used. If the permission is not granted for the FlowInitiator a FlowException is thrown.


permissionName - is a string representing the desired permission. Each flow is given a distinct namespace for these permissions.

extraAuditData - in the audit log for this permission check these extra key value pairs will be recorded.