Permission issue when business process inserts record into lookup object – CanManageLookups required

Hello Creatio Team,

I hope you are doing well.

I am reaching out regarding an issue we are experiencing in our environment when executing a business process that attempts to create a record in a lookup object.

Issue description:
When the process runs, it fails with the following error:

System.Security.SecurityException: The current user does not have sufficient permissions to execute "CanManageLookups"

This occurs during the execution of an “Add Data” element that inserts a new record into a lookup object. The error is triggered in the lookup event (BaseLookup_CrtCoreBaseEventsProcess) during the saving stage.

Additional context:

• The process has “Use system security context” enabled.
• The user executing the process does not have the CanManageLookups permission.
• We also attempted to manage access rights within the process, but the error occurs before the record is created.
• This behavior suggests that lookup-level security validation is executed before process-level permissions are applied.

Business requirement:
We need to allow this process to create records in the lookup object without granting broad administrative permissions (such as CanManageLookups) to end users.

Questions:

1. Is there a recommended way to allow a business process to insert records into a lookup object without requiring the user to have CanManageLookups?
2. Does the “Use system security context” option apply to lookup events, or is there an alternative approach to execute this operation with elevated privileges?

We would appreciate your guidance on the best practice to handle this case, especially considering security constraints in our environment.

Thank you in advance for your support.