Blueriq as a Service 

Out of box the Blueriq Runtime supports security on Blueriq as a Service. In Blueriq it is possible to create your own web services, either via REST or SOAP. In order to secure a BAAS a shortcut needs to be created for the BAAS project, more information about creating shortcuts can be found here. Since Blueriq 11.5 it is no longer needed to use 'securityEnabled' because it will be secured if a a role set in studio.
Setting a role is also possible on other Blueriq items like Flows, Services etc.Blueriq Runtime supports security on Blueriq as a Service out of the box by adding roles to the webservice definition.

Adding a role to the webservice

...

A role can be added at the exposed flow (which is started from the service definition). This can be useful if the flow is started from multiple contexts. Otherwise adding the role at the service definition is preferable over this option.

Image Modified

Security endpoints

...

webservices/aaas/Webservice/aaas.wsdl

Secured shortcuts

It's possible to secure BAA(R)Ses by providing a property to the shortcus for the baa(r)s:

blueriq.shortcut.<shortcut name>.securityEnabled = true

However, this feature is deprecated in favor of adding roles to the webservice. Defining shortcuts with security enabled will be removed in Blueriq 14.