Custom vs Out of the Box Access Levels - Let's hear your thoughts | Community
Skip to main content
KellieGardner
Community Advisor
KellieGardnerCommunity Advisor
Community Advisor
July 30, 2025

Custom vs Out of the Box Access Levels - Let's hear your thoughts

  • July 30, 2025
  • 3 replies
  • 476 views

I've had a few engaging conversations lately around access levels and permissions in Workfront. Here are a couple of narratives I've heard:

  1. Custom access levels are imperative for system governance
  2. If I'm paying for users to have X license, they should be able to do everything with that license for the cost to make sense

What value have you seen from putting strong governance in place around access levels and object permissions? Or, on the contrary, why are you not limiting what your users can do?

 

I’d love to gather real-world insights and lessons learned from the Workfront community.

    3 replies

    Daniel_Clarke
    Community Advisor
    Daniel_ClarkeCommunity Advisor
    Community Advisor
    July 30, 2025

    Hey @kelliegardner! In my experience, custom access levels are a must. Formerly with the planner/worker licenses I could see using the defaults in more cases, but there are too many rights provisioned to the standard license in the new license format that should not be broadly accessible to all "standard" users in a regulated industry or in any system claiming to have governance in place. A few off the top...

    • Uninhibited object creation, including projects, tasks, reports is a nightmare of data integrity resulting in a huge data load.
    • Ability to edit custom forms causing incorrect or inconsistent data capture
    • Creation of reports and dashboards - without proper knowledge of system structure it is very common to pull incorrect data tables which can reflect significant differences and impact decision making in a negative way
    • Deletion rights and approval paths... auditing? traceability? 

     

      Lyndsy-Denk
      Community Advisor
      Lyndsy-DenkCommunity Advisor
      Community Advisor
      August 1, 2025

      I concur with everything @daniel_clarke said and will add: We have customized access levels in conjuction with layout templates to optimize user experience. If people aren't using the functions and have not been trained to safely tinker, they're liable to break things—for themself or others. Also, it's a rare bird who actually has the interest to explore systems like we do. Most people don't want to touch anything they don't have to. If they have the enthusiasm to explore, I would like to foster it...with training and governance as a prerequisite to the privilege. Let them play at an elevated access level in the sandbox first, if necessary. It's a balance that you have to strike between micromanaging and empowering, but ultimately puts everyone in a position of success.

        MoniqueEvans
        Community Advisor
        MoniqueEvansCommunity Advisor
        Community Advisor
        August 20, 2025

         

        Access levels are too important to leave untouched. Something as simple as the ability to delete an object could make or break your instance. The defaults are there as a starting point, but they will never cover the breadth of your nuanced organization. Just because someone can, doesn't mean they should. And the more you truly understand how a set of users interacts with the platform, the better you can curate the experience for them so they only see buttons you don't mind if they press. Some of that is handled via Layout Templates, but much more is handled through Access Levels and sharing.

          Terms & ConditionsAccessibility statement

          Loading footer...