Overview
Oracle Workflow guest access is a feature that has existed for a long time and is documented in the WF Administrator’s Guide. A quick run through could be obtained from MOS Note 277839.1. Basically, WF guest access is enabled by setting the profile parameter “WF: GUEST Access to Notification” (WF_VALIDATE_NTF_ACCESS) to Enabled and assigning proper grants to the GUEST user.WF guest access enables anyone, whether an EBS user or not, even outside the business or entity to respond to a notification without having to sign in to EBS. That is possible if the original recipient is an EBS user registered with WF’s directory services and thus was provided an access key embedded in the URL to notification details page.
Caution
Enabling WF guest access may be a convenience but there are consequences to be very careful about:- The obvious consequence is there is no way of identifying who actually responded since anyone could be GUEST. Especially if the original recipient was a role which could have multiple users and thus any one of those users could respond as GUEST.
- If the notification was for an approval, with options to Approve, Reject, or Request More Info, and the approver selects Requests More Info, when the submitter receives that Request More Info notification e-mail and opens the notification link that user will have access to all those options as well. Thus the submitter could self-approve the request rather than respond to the Request More Info. Furthermore, the legitimate approver may have no way of knowing the request was self-approved since further notifications (i.e. about the approval) goes to the submitter as well and not the legitimate approver. The action history will show GUEST as the one approving, not specifically the submitter, thus it cannot be determined who really responded.