We would like the Workspace Timeout to redirect Users automatically to logon window once they are timed out (with no windows received).  This will prevent multiple screens received when users are timed out of Workspaces.  Currently when timed out of workstation, User will receive multiple windows asking to leave or cancel.   #Workspace #Timeout #Windows Chorus BPM #Processor ... View more

We are preparing our BP upgrade and for this period of time we want to stop all schedules. There is no 'disable' (ie temporarily prevent schedules from running) schedule feature but un-/retire only. Retired schedules are a mixture of outdated schedules that might not yet be possible to delete or are kept for other reasons. There is also now was to structure schedules in groups/folders so it may also be the case that some infrequently used schedules are retired just better manage regularly executed schedules.  So the idea was to create scripts based on currently active schedules to bulk un-/retire them and also making sure the exact same schedules that have been active are unretired again, without having to keep manual separate lists and have to visually check against those lists Unfortunately there is only /startschedule and /deleteschedule parameter for automateC but there is no un-/retire parameter. So it would be great to also have /retireschedule and /unretireschedule (and also /stopschedule since this is now supported in BP UI). Setting expiration dates would also be helpful  ... View more

Currently, when editing a stage properties, or writing an expression, on the right hand-side of the window we have a data items filter: It would be really handy if this filter could have another group added - Exposure. This would help finding all environment variables, session variables, and statistic data items, and take away the need for data item naming conventions as a workaround to find them easily. ... View more

It would be preferable to have an additional setting with regards to logging and sensitive data. While logging can be disabled or set to not log the parameters, if such instance occurs where full logging has to be enabled at resource level to determine an issue - it would be ideal to have been able to set a level of logging that still would not be captured in the logs. We have many processes that deal with sensitive data and have to build numerous work arounds to get the data in a way that would not accidently be exposed in the logs. If there was a setting similar to not log parameters it would allow us to build "normally" knowing that if full logging needed to be enabled, this data would be safe from the logs. ... View more

Sorry if this idea is duplication of existing idea but we are now going to upgrade to 7.3.2 and noticed again the nice feature of being able to show details of a resource in Control. It would be great to have at least local FQDN and server FQDN selectable so we can copy the values.  ... View more

Allow a user to open up and interact with WORD documents while editing a letter in Communications. Clients often have to refer to multiple documents when creating a letter to be issued, Currently having other WORD docs open when editing a letter in Chorus Communications results in unpredictable behavior e.g. edits being lost.  ... View more

With BluePrism Hub there is a need to store and distribute the API key. If this could be automated so users can request this and rabbitmq could distribute the key. It would probably need to have an approval or HITL stage gate. Moderator note: Changed the title of this idea to sentence case.     ... View more

Raised on behalf of Antonio Mathias Kühle: We wish that it is possible to have a separate log that show all API request transactions, with all details, so you can track exactly what your request contains, and what the response was.    This log could be a page visible in the BP interface, but the easy fix is just to create a DB table or log file for this.  Important thing is that it is something you can toggle "on" "off" from API configuration settings, separately on each API.  And also important for the DB table is that you can add "number of days" to keep the logs before they are automatically deleted.  ... View more

Today Image Retrieval throws an error retrieving sources created with 'screen image capture (PNG format).' Sources must be all PDF or all TIFF. Business users regularly create sources in the PNG format. IR should convert the PNG files to TIFF or combine the PNG documents into a single file.  ... View more

Our organization sets most GDL mime type files to open in HTML Content Viewer (Word, Excel, PDF).  We appreciate all images opening in tabs within HTML CV rather than downloading the files and having multiple native applications open in separate windows. We do have one issue:  When HTML CV fails to display a file we have no way to view it.  We need a way to download the file when HTML CV is unable to display the image / file. This can similar to how HTML CV handles unknown file types or password protected files.  A prompt opens allowing the user to download the file. Alternatively the user might be able to select download from the source menu.   ... View more

When a user tries to open an email (.msg) file uploaded to Chorus, the Content Viewer (CV) window opens but the email file is not displayed in the CV window, rather the file is downloaded and then the user is prompted, by the browser, to open the file. This is OK unless the email file in question is large (e.g. contains a large attachment); when the user tries to open such a file, the CV window opens but in chromeless mode, meaning there is no visible cue that the download is running and there is a risk that after a period of time with no file opened and no cue that anything is happening the user will close the window and report that the file cannot be opened. Is it possible to show some sort of status bar in the CV window to indicate that the download is in progress? Either a custom bar or the built-in browser status bar (I believe this would require the CV window to be launched with a flag that forces download progress to be shown in the status bar). ... View more

Users have ability to suspend BUT they can use the suspend feature to take work out of quality by Suspending and then having an activate status that wakes up in a different queue.  Essentially bypassing quality. We would like the suspension feature to have additional access to restrict the activation status option or ability to add an activation status as addtional resource. Thank you ... View more

Chorus is not able to send a dynamic JSON array (that contains the object keys to delete). The length of the array is defined at design time, so in runtime there is no apparent way to populate an array with a dynamic number of object keys to delete. That is, there is no dynamic array capability within Chorus which presents a challenge for batch Chorus objects deletion. ... View more

At present, there is no option to set timebound retries in the service cog configuration. Retries can be set but it is quite arbitrary, so cannot anticipate what the appropriate number should be. Also, need to consider the performance/traffic overhead for implementing such a retry mechanism. In summary, there is no apparent way to put a small interval between retries. ... View more

The application passes sensitive parameters in the URL line of many of the requests. BUSINESS IMPACT: Sensitive data could be disclosed unintentionally through transmission in the URL. Description The application uses the URL to pass sensitive data from the client to the server. Data passed in the URL can be exposed because data passed in this manner ends up in unintended locations. These locations can include server logs, local browser history, and proxy logs. Reproduction Steps Using Burp Suite, navigate through the application. The application passes sensitive parameters in the URL line of many of the requests  Affected Locations HUB v4.7 and Interact 4.7 Decipher v2.3 Recommendation When sensitive data is sent, it should be ensured that POST requests are used instead of GET requests. POST data is not treated the same way as URL data is when requests are sent through systems and do not typically get cached or logged. If there are technical constraints that require data to be sent in the URL then strong encryption should be used to encrypt values. It should be ensured that part of this encryption scheme contains protection against data replay so that captured cryptographic values cannot be replayed back to the server.  References Information exposure through query strings in url | OWASP Foundation A02 Cryptographic Failures - OWASP Top 10:2021   ... View more

The search drop down list within Processor Workspace is forced to be in alphabetical order. We are given the ability to specify the order that lookups are in within the LOOKUP resource parameters list, so the drop down should obey this order. Having frequently used searches at the top of the list is more streamlined and user friendly for the end users. This used to be functionality that existed but was taken away. ... View more

When a process model is deployed the only place that the details of who deployed it are located within the Design workspace. If a model is undeployed there is no record of who did it or when. This can cause issues if a process model is accidently undeployed. Having who made the change in the Admin Audit Trail would be helpful in locating who made the update and react accordingly. ... View more

Having upgraded from AWD ViewStation to Chorus BPM, some of our processors are struggling with the fact that comment templates no longer exist. They now have to copy/paste their standard comments from a separate document into Chorus and feel that comment templates would streamline their processing. ... View more

Processors are finding it difficult to search for currency values with Quick Search because the lookup is comparing the user's search value to the raw database value. E.g, if a LOB field is defined with a max length of 15, a user wanting to search for $500.50 would need to enter 000000000050050. Since processors don’t have access to field definitions, they don’t know how many leading zeros to add. Suggestion: Check for currency fields and trim leading zeros on the backend. ... View more