Hi all, I am currently working on an application which requires an anonymous user with the UserRole 'Guest' to login into the application to utilize it. However, I am running into a problem here. The way I am currently trying to setup the registrion process is by using the Adminstration NewAccount microflow like the one used when you as an admin make your own local users. The anonymous user should be able to choose from multiple UserRoles but not all of them. Currently he can only select the UserRole which he possesses at that time. In my application the anonymous user can only select the 'Guest' UserRole. I am looking for a fix so that an anonymous user can select multiple UserRoles but not all of them due to security risks. I am currently running this application in the Mendix Modeler 6.10.5 Also, is this the best way to do this or do you guys suggest another more safe and better working method for me to use? I look forward to hear from you.
by default a new user should NEVER be able to set its own role.
This should be handled under the hood and/or be handled by an administrator.
In Mendix you can set the role of a user in a microflow, by retrieveing a specific role and assign it to a (new) account.
The Userrole select should never be available to a normal user.
As example see this model share (hint, download in your model)