Pega Platform™ has implemented a new basic access control (BAC) to protect your application from unauthorized server calls from otherwise authenticated users. If you are bypassing this feature it is not the recommended approach by Pega and would recommend you to analyze your code to fix the unauthorized server calls as explained in the below documentation.
@JohnPaulRaja,C Could you please provide an update if the workaround suggested by @MarijeSchillern in userworkform worked for you? If not, did you arrived at a solution already? As this is a OOTB action (FinishAssignment), I expect this UIAction to be registered through OOTB rules.