Workfront

KellieGardner · 7/30/25

I've had a few engaging conversations lately around access levels and permissions in Workfront. Here are a couple of narratives I've heard:

Custom access levels are imperative for system governance
If I'm paying for users to have X license, they should be able to do everything with that license for the cost to make sense

What value have you seen from putting strong governance in place around access levels and object permissions? Or, on the contrary, why are you not limiting what your users can do?

I’d love to gather real-world insights and lessons learned from the Workfront community.

MoniqueEvans · 8/20/25

Access levels are too important to leave untouched. Something as simple as the ability to delete an object could make or break your instance. The defaults are there as a starting point, but they will never cover the breadth of your nuanced organization. Just because someone can, doesn't mean they should. And the more you truly understand how a set of users interacts with the platform, the better you can curate the experience for them so they only see buttons you don't mind if they press. Some of that is handled via Layout Templates, but much more is handled through Access Levels and sharing.

View solution in original post

Daniel_Clarke · 7/30/25

Hey @KellieGardner! In my experience, custom access levels are a must. Formerly with the planner/worker licenses I could see using the defaults in more cases, but there are too many rights provisioned to the standard license in the new license format that should not be broadly accessible to all "standard" users in a regulated industry or in any system claiming to have governance in place. A few off the top...

Uninhibited object creation, including projects, tasks, reports is a nightmare of data integrity resulting in a huge data load.
Ability to edit custom forms causing incorrect or inconsistent data capture
Creation of reports and dashboards - without proper knowledge of system structure it is very common to pull incorrect data tables which can reflect significant differences and impact decision making in a negative way
Deletion rights and approval paths... auditing? traceability?

Lyndsy-Denk · 8/1/25

I concur with everything @Daniel_Clarke said and will add: We have customized access levels in conjuction with layout templates to optimize user experience. If people aren't using the functions and have not been trained to safely tinker, they're liable to break things—for themself or others. Also, it's a rare bird who actually has the interest to explore systems like we do. Most people don't want to touch anything they don't have to. If they have the enthusiasm to explore, I would like to foster it...with training and governance as a prerequisite to the privilege. Let them play at an elevated access level in the sandbox first, if necessary. It's a balance that you have to strike between micromanaging and empowering, but ultimately puts everyone in a position of success.

MoniqueEvans · 8/20/25

Access levels are too important to leave untouched. Something as simple as the ability to delete an object could make or break your instance. The defaults are there as a starting point, but they will never cover the breadth of your nuanced organization. Just because someone can, doesn't mean they should. And the more you truly understand how a set of users interacts with the platform, the better you can curate the experience for them so they only see buttons you don't mind if they press. Some of that is handled via Layout Templates, but much more is handled through Access Levels and sharing.

Workfront

Custom vs Out of the Box Access Levels - Let's hear your thoughts

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe