What is typically the first step in securing an application in Appian?

The correct approach to securing an application in Appian starts with securing the application itself. This foundational step ensures that the application is configured with the necessary security measures in place before any user roles or access groups are established. By securing the application first, developers can determine which components and functions require protection and what level of access needs to be restricted.

Securing the application involves implementing the appropriate permissions and access controls throughout the application design. This may include setting security settings on objects, such as processes, interfaces, and data, to ensure that only authorized users can access sensitive information or perform critical functions.

While assigning roles to users and defining user groups are essential components of the overall security strategy, they are effectively built upon the foundation set by the initial application security. Without first securing the application, other security measures would lack direction and coherence, potentially leaving gaps that could be exploited.

Setting up the database connection is also a vital part of application functionality but is typically a distinct process from securing the application itself. This step focuses more on connectivity and data management rather than on safeguarding the application's functionalities and data access rights.