Access Control
Controlled availability
Access Control is currently in Controlled Availability and may not be available in every workspace.
Agent Studio has two layers of access control:
This section covers the first layer: role-based access control (RBAC) for people building in Agent Studio. End-User Access Control is separate. It controls which employees can use a published plugin.
Two layers, two purposes
A permission like Use controls whether a developer can run or test an asset while building. It does not decide which employees can use the resulting plugin. Use launch rules for that.
Why Access Control Matters
Before RBAC, every developer in a workspace could see, edit, and publish every plugin, action, and connector. As teams grow, two risks show up:
- Sensitive connectors are open to everyone. A connector to Workday, a finance system, or an HR backend is reachable by any developer, even ones who shouldn’t touch that data.
- Live plugins are easy to break. A developer on one team can edit a widely-used, already-published plugin owned by another team.
Access control lets you choose which developers can reach which assets. You can keep sensitive connectors limited to the right people and protect published work from accidental edits.
Day 1 experience with access control
When access control is enabled, existing assets, including connectors, move to the Public folder. Everyone in the workspace can see and use Public assets, which matches the previous behavior. Admins can then move sensitive assets into restricted folders.
How Access Control Works
1. Assets
An asset is any buildable component in Agent Studio: a plugin, action, connector, conversation process, or data type. Access control applies to assets. Connectors have a few extra rules, covered on Connectors and Access.
2. Folders
Every asset lives in exactly one folder, and the folder sets the default access for everything inside it. There are three kinds:
- Public: visible and usable by everyone in your workspace.
- Personal: your workspace for drafts and in-progress work. Each user has one.
- Custom: admin-created folders with their own access rules, such as “HR Integrations” or “Finance Automations.”
See Folders for how inheritance and overrides work.
3. Permission Axes
A user’s access to an asset has two independent axes.
- Editing controls whether a developer can view, edit, or manage an asset’s configuration. It cascades:
View<Edit<Manage. - Runtime controls execution through one permission: Use. Use lets a developer run, test, and reference an asset from another asset.
These axes are independent. An editing permission does not grant runtime, and runtime does not grant editing. For example, a developer can have Edit on a Workday action so they can update its logic, but still lack Use, which would let them fire real API calls with real credentials.
The Agent Studio UI bundles these axes into four named roles so you don’t configure each axis by hand. See Roles and Permissions.
Where to Go Next
The four roles, the two permission axes, and what each role can do.
How Public, Personal, and Custom folders set and inherit access.
Why connectors are closed by default, and how dependency-aware execution works.
The other layer: controlling which employees can use a published plugin.