When creating SharePoint workflows one of the biggest problems is enabling the workflow to have enough permission to do all the things it needs. In SharePoint 2010 workflows, in order to run the workflows with elevated permissions you had to create an Impersonation step which was limited because it always had to be at the start of the workflow. Consequently if you needed elevated permissions during the workflow essentially everything had to be run in the step.
In SharePoint 2013 a new step has been introduced called an App Step. However there are a couple of catches to get this working.
The App Step provides very powerful functionality. One of the biggest catches in SharePoint is that the workflow, unless otherwise specified, runs under the permission of Workflow initiator. Consequently if the workflow tries to write to a list or library that the initiator doesn’t have permission it will fail with an Access Denied error. App Steps solves this problem by letting all the actions in it run under Workflow App permission which is Read/Write to all site lists.
In simple words “App Step” provides all the workflow actions added to it, with Read from and Write to Permissions to all the Items in the Site.
However an App Step is not available by default you need to activate a feature in your Site to get this displayed for that site in SharePoint Designer.
Navigate to Site settings->Manage site features and Activate the Workflows can use app permissions site feature.
Once it is activated you can Open the site in Workflow designer and find the App Step
Just click into a stage and then insert an App Step and all actions in the step will then run with elevated permissions.
