Again running into issues with not having more granular control of User Permissions. Wondering if this is on the Roadmap and if so (Though I know you can’t say when) is it one of the higher priority items?
You all are awesome. Thanks!
Page 10 / 11
As Howie and myself have previously mentioned, “Advanced User Permissions” is a massive category of potential features. In this thread alone, people have suggested dozens of potential implementations, each of which has its own set of unique considerations. I can say that granular permissions are a high priority for our product team and we do intend to keep adding support for such controls as we grow.
At the same time, the development of more permissions features is a very complex project. The different potential ways in which these features could be implemented each have massive and far-reaching implications for how teams access and interact with their most important, mission-critical data . This is a responsibility that we take extremely seriously, and as such, we need to take every necessary precaution in order to ensure that we have thoughtfully considered all possibilities.
As just one example of the kinds of questions we need to ask ourselves: when thinking about the broad category of “limiting access” for certain users, does this mean limiting the ability to see information, to make changes to information, to share information, or something else entirely? We are actively thinking about permissions as it relates to all of these different actions, but at the same time, each of those actions is itself an extremely broad topic encompassing many different use cases, design decisions, technical challenges, and implementation concerns.
Furthermore, for any feature that we implement, we have to carefully consider how it will interact with all of the other features that already exist in the product (e.g. linked records, forms)—as well as any features that we might implement in the future . Again, these kinds of considerations are of vital importance when it comes to issues of information access, editing, and sharing.
On top of all that, our product team needs to carefully balance the desires of individual users to add ever more features that solve specific needs with the collective value for everyone that comes from having a product that is as welcoming and accessible to as many people as possible—without becoming heavyweight or overwhelmingly complex.
To reiterate what Howie has already said, there’s no such thing as a “one-size-fits-all” model for granular permissions, so there won’t be a day when we suddenly release a silver bullet that solves all permissions needs for all users. Instead, our current focus is on developing more narrowly scoped feature-components that will allow users to build out the permissions systems that they need (e.g. our releases of locked views, limiting visible options in forms, etc.). We will continue to keep you updated on all new features (permissions-related or otherwise) as they become available, as well as any relevant pre-general release betas.
Lastly, by far the most helpful thing that you can do to regarding this topic is give us specifics of your use cases and the problems you’re facing. Plenty of folks in this topic have done just that, for which our product team is grateful. Here are just a couple of example questions touching on the topics that concern our product team:
- What industry do you work in? What role do you have? How are you using Airtable?
- Are you most concerned with view access, write access, share access, or another form of information access?
- Who are you using Airtable with? With other Airtable collaborators? If so, are these other collaborators base or workspace collaborators? Or, are you using Airtable with non-Airtable users? If so, are they using forms? How are they using these forms?
- What is the nature of the information that you’re concerned about? Where does it live? In specific cells? In records? In fields? In field configurations? Just in specific views? In entire tables? In the names of records, fields, or tables? In share links?
- Do you use linked records at all? If so, how would you expect that linked records would interact with more granular permissions?
It’s been over a year now since you posted this and yet it seems like it still isn’t possible to do very simple things with permissions. For example, why isn’t it possible to restrict collaborators to a single view? We use Airtable as an editorial calendar and we want our writers to only be able to see the posts we have assigned to them - we don’t want them to see the whole calendar. As far as I can tell this isn’t possible with Airtable as it is now. We are forced to share everything with everyone.
There’s not a one-size-fits-all solution to user permissions—all of the users who’ve asked us about greater customization in their permissioning have had their own unique workflows and use cases. The challenge for us is to design features that solve the many different types of permission granularity that people want, without adding overwhelming complexity. There are other products that offer highly detailed permissions options, but we don’t necessarily want to bring all of those levels of complexity into Airtable, as we’re generally designed for more lightweight use cases.
We would love to hear more about the specific issues that you’re having with the current permissions model, and what problems you’re trying to solve—the feedback we get from users is one of the most valuable things we can have when we’re trying to design new features to be as elegant as possible.
Hi Katherine,
Lack of security is a concerning topic: it seems that advanced permissions is such an important request that you guys should prioritize this soon no? Can you give us a hard deadline here if possible?
In my case I want to have a massive base that links all sorts of KPIs for the entire company as well as strategic projects and OKRs showing how things relate. The problem is that this requires (1) certain tables of this base to be visible only to some users, (2) specific permissions on who can view/edit certain fields and (3) data protection (e.g. ensuring that a user won’t steal all of our info by downloading stuff, using copy and paste or print screens).
I know that this is not easy but this is not only a product-changing feature that brings Airtable to the next level but also apparently a must-need for so many people.
If you could, thus, give us a hard deadline we would appreciate because at this point given the lack of security of the tool I don’t know if I can trust it to build my company on top of it.
Thank you
Hi Katherine,
Lack of security is a concerning topic: it seems that advanced permissions is such an important request that you guys should prioritize this soon no? Can you give us a hard deadline here if possible?
In my case I want to have a massive base that links all sorts of KPIs for the entire company as well as strategic projects and OKRs showing how things relate. The problem is that this requires (1) certain tables of this base to be visible only to some users, (2) specific permissions on who can view/edit certain fields and (3) data protection (e.g. ensuring that a user won’t steal all of our info by downloading stuff, using copy and paste or print screens).
I know that this is not easy but this is not only a product-changing feature that brings Airtable to the next level but also apparently a must-need for so many people.
If you could, thus, give us a hard deadline we would appreciate because at this point given the lack of security of the tool I don’t know if I can trust it to build my company on top of it.
Thank you
Hi @DiegoF, and welcome to the community!
I do want to apologize in advance for your message being the target of one of my wild rants. :winking_face: Do not take any of this personally.
Hard deadlines telegraphed to all competitors? Seriously? This is software we’re talking about here, dude! :winking_face:
No one - not even the developers - know when something in the security category will be ready. Competitors would love this information as well, so you’re basically asking the company you want to bank on, to risk its existence to make you feel all warm and fuzzy about choosing Airtable. Not gonn’a happen.
As to the security features of Airtable, this aspect of the platform will never be complete, but I agree 100% - some level of improved permissions agility is needed now and more-so in the future. The vast community here has made these requirements clear.
However…
We must also consider why you are asking about these permissions features and the underlying objectives -
I get it - you don’t want to spend any more money on a visualization and dashboarding/reporting platform the likes of which is not Airtable or perhaps anything remotely like Airtable. This is a grand vision for a platform designed to collect and collaborate on data. But it’s not irrational - it’s just grand.
At the outset, Airtable’s reporting capabilities are near-flatlined ttoday], and you want it to get to the next level. I think your use case – while perfectly rational – is out of reach in a practical sense and not just because of the security constraints.
In my view, data science use cases require viz-ready(i) data and Airtable is not the most agile aggregation platform to make that happen. So, even if you had advanced user permissions, the pathway to analytics would still be like hiking Angle’s Landing in a 30-knot crosswind.
Another aspect of this use case is the general fitness-of-purpose of Airtable itself. To create your grand vision you must test a number of deeper requirements to see if they fit the spirit of the platform. I’m not suggesting it wouldn’t be ideal for a single platform to be the perfect data collection and management tool with a higher purpose for running your business at an analytics level. Your vision may be grand, but it’s also ideal.
The trouble is, this use case has a lot of devils in the details and the permissions model deficiencies pale in comparison. There’s nothing about Airtable that evokes comfort about a “massive base”. 
But let’s say you can squeeze everything into a base that you need to effectively craft KPIs and other metrics needed to operate a moderately complex business. You still need aggregations. Airtable has rollups, but these are rudimentary and weak; you need a far different level of aggregation technology the likes of ElasticSearch.
Overall, the vision is smart, but I get the sense that your expectations don’t really fit well without aggregation into something more suitable for revealing KPIs and analytics about a business.
I also hate to toss cold water on anything without at least offering an alternative strategy, so here’s one.
Executive Base + Custom Apps
- Imagine a base for business analytics (only).
- In that base, there might be a few tables that describe the analytics a collection of custom apps might render. It may also describe target users and reports/notifications that are processed with actions.
- The executive base holds no critical or sensitive data about the analytics.
- The custom apps describe the security context based on each user’s identity (this is very secure and difficult to breach).
- Any user could be shared into this “executive” base but only users you designate through the underlying custom apps would be able to see each KPI/metric/conversation/report.
- The custom apps are responsible for aggregating the data from many other bases/tables.
- The custom apps are also responsible for rendering KPIs, metrics, and data visuals using Vega and perhaps D3.
- The custom apps are able to provide conversations between authenticated users keeping sensitive data and discussions well sequestered.
This vision is well within reach of Airtable today. It may not be financial practical for every business using Airtable, but it is ready and quite easily implemented (i.e., no technical showstoppers).
(i) viz-ready: data that has been aggregated to a level where rendering is the last step.
Hi Katherine,
Lack of security is a concerning topic: it seems that advanced permissions is such an important request that you guys should prioritize this soon no? Can you give us a hard deadline here if possible?
In my case I want to have a massive base that links all sorts of KPIs for the entire company as well as strategic projects and OKRs showing how things relate. The problem is that this requires (1) certain tables of this base to be visible only to some users, (2) specific permissions on who can view/edit certain fields and (3) data protection (e.g. ensuring that a user won’t steal all of our info by downloading stuff, using copy and paste or print screens).
I know that this is not easy but this is not only a product-changing feature that brings Airtable to the next level but also apparently a must-need for so many people.
If you could, thus, give us a hard deadline we would appreciate because at this point given the lack of security of the tool I don’t know if I can trust it to build my company on top of it.
Thank you
This is a really tough requirement. Currently every collaborator in an Airtable base can instantly and quietly copy all the data in the base. Airtable could change this to make it harder to copy a base.
However, preventing people from printing screens is unrealistic, and Airtable could not prevent it.
We also really need some more nuanced user permission levels. It’s a big risk to our data if the admin does not have the ability to lock records certain. At the very least, having an editor level permission minus “delete” ability would be an improvement.
We really need to be able to have a user update rows but not create or delete rows in a base. It’s too easy to accidentally create a row, then you have to delete it. We can’t add more users until this happens. So now one person downloads to excel where other people update, and then the one person copies the data from excel back into Airtable.
We really need to be able to have a user update rows but not create or delete rows in a base. It’s too easy to accidentally create a row, then you have to delete it. We can’t add more users until this happens. So now one person downloads to excel where other people update, and then the one person copies the data from excel back into Airtable.
@Claudia_Berman You can prevent people from adding or deleting records using Table permissions. See this support article for more info.
@Claudia_Berman You can prevent people from adding or deleting records using Table permissions. See this support article for more info.
THANK YOU! I completely missed that. I couldn’t find it in support, and I can’t believe I missed it in that tab.
Hello can’t we have a simple granular permission like only a person who created a row in a table can view it? i really like airtable but as it is i can not use it, i want my users to be able to view and edit only their own records. and not have to create a base or table for each user
No movement here then?
No movement here then?
In 4 more years maybe
Bumping. Would love this feature.
Hi @Rose_K , wanted to bring your attention to the second largest thread in this community, second only to the “linked bases” feature request. The request is 5 years old, and while progress has been made in user permissions, no progress has really been made for advanced user permissions.
We’ve received two or three answers on how Airtable would like to take its time and do it right, and take our feedback in the meantime. But it’s been years since then, and not only have users suggested various ideas on how to achieve it, but other SaaS programs like Coda and Notion have already implemented them within these years. Some SaaS like Stacker and JetAdmin have even built entire products around Airtable which handles user permissions fantastically in the last 3 years. But users shouldn’t be paying $300/month for a basic neccesity like this - it should be baked into the product.
So the question on everyone in here’s mind is, is this something we should give up hope on? I’ve learned over the years as in many cases, anything other than a direct answer (e.g. specific plan in the current roadmap) would be equal to saying “yep, it’s not in our plans now” 
Last sliver of hope from when I’ve started following this thread from 2017.
Hi @Rose_K , wanted to bring your attention to the second largest thread in this community, second only to the “linked bases” feature request. The request is 5 years old, and while progress has been made in user permissions, no progress has really been made for advanced user permissions.
We’ve received two or three answers on how Airtable would like to take its time and do it right, and take our feedback in the meantime. But it’s been years since then, and not only have users suggested various ideas on how to achieve it, but other SaaS programs like Coda and Notion have already implemented them within these years. Some SaaS like Stacker and JetAdmin have even built entire products around Airtable which handles user permissions fantastically in the last 3 years. But users shouldn’t be paying $300/month for a basic neccesity like this - it should be baked into the product.
So the question on everyone in here’s mind is, is this something we should give up hope on? I’ve learned over the years as in many cases, anything other than a direct answer (e.g. specific plan in the current roadmap) would be equal to saying “yep, it’s not in our plans now”
Last sliver of hope from when I’ve started following this thread from 2017.
A month goes by without a reply from @Rose_K or the Airtable team. Very sad to see
A month goes by without a reply from @Rose_K or the Airtable team. Very sad to see
Hey @Jarvis,
Sorry for forgetting to report back here! I did submit this feedback to our Product team, but I don’t know of any movement on this specific feature request at this time. If there is any upcoming movement that I can disclose, I’ll make sure to follow up here!
Hey @Jarvis,
Sorry for forgetting to report back here! I did submit this feedback to our Product team, but I don’t know of any movement on this specific feature request at this time. If there is any upcoming movement that I can disclose, I’ll make sure to follow up here!
Thanks. Any update on this would be welcome, particularly whether it’s on the roadmap at all or not. It’s been half a decade since this was first requested, and this is 2nd largest thread in this forum, so there’s a lot of users who would want to know where Airtable stands with this.
For many years now, I have not been able to fully use AirTable due to the lack of Advanced User Permissions.
Every time I get an email from AirTable about what’s new - I hope to see Advanced User Permissions. But instead, I see some kind of visual decoration and controversial innovations.
When will you do Advanced User Permissions?
Chiming in to keep this request alive.
A solution that would help would be to limit view shared link visibility to specific users (even specific paid users), rather than email domains. Right now we only have one paid user, the administrator. This is not because we want to, but because Airtable’s lack of granular permissions forces us to operate this way. Everyone else at our company is in the free tier. We can somewhat control permissions and data visibility by sending out shared view links restricted to our domain, and letting free users make changes/create records through forms. Onboarding and termination are a headache, as we manually track and update shared view links on a per-employee basis. Linking shared views to user accounts, or better yet, role based groups of user accounts would make all of our employees paid users.
Would be curious if any other businesses out there would have more paid accounts with a better user permissions system. Might help with getting this feature request prioritized.
Hey @Jarvis,
Sorry for forgetting to report back here! I did submit this feedback to our Product team, but I don’t know of any movement on this specific feature request at this time. If there is any upcoming movement that I can disclose, I’ll make sure to follow up here!
Hello!
Are there any news about permissions? The huge amount of teams can’t use AirTable because it doesn’t have permissions. So, everybody have to show all information for everybody, including secret and important information. I think, permissions - is the foundation for CRM, databases or other similar products.
If you need more feedback, help or more information - you can write me: velikrus@gmail.com
So, the most of community is waiting for this feature. Really hope you complete this task as soon, as you can!
Thanks a lot, Ivan Chernyshuk
I wanted to about the update of permission. If anyone has the news please share
Can’t believe Airtable can add table and field level permissions, but still allows any user with edit rights (i.e. team member) to see ALL DATA in ALL TABLES. Still makes it useless for me to add team members so must rely on other tools almost solely because of the VIEW ALL strategy employed. Sharing a read-only view in some way does not help.
BTW the simple solution seems to make editable Views sharable to Users and/or Roles. If a field isn’t in the view then the shared user can’t edit. If a Table has no shared views then it is private by nature. Simple, and much needed.
#1 reason we don’t adopt Airtable for more use:
limited permissions, either access to entire base or nothing unless embedding view somewhere externally or just sharing a link, i.e. we can’t have team members who can only see certain tables or field, they see EVERYTHING in the base
“Field/table editing permissions do not affect who is able to see information in the base. To share only a limited subset of information in your base, use a view share link and optionally, a form.”
We have been using Airtable in limited capacity for about 4 years, and there has been no change on this requirement. Such a shame.
#1 reason we don’t adopt Airtable for more use:
limited permissions, either access to entire base or nothing unless embedding view somewhere externally or just sharing a link, i.e. we can’t have team members who can only see certain tables or field, they see EVERYTHING in the base
“Field/table editing permissions do not affect who is able to see information in the base. To share only a limited subset of information in your base, use a view share link and optionally, a form.”
We have been using Airtable in limited capacity for about 4 years, and there has been no change on this requirement. Such a shame.
Same issue for us. Would recommend trying Stacker. It’s overpriced and the interface is not as smooth as Airtable’s, but it solved most of our issues with view permissions.
Or maybe view permissions will be baked in to Google Tables when it’s released.
Yes I Second this I have been paying 350 a month for Stacker just to get this feature but the interface is clunky and the interface is not as good as Airtable.
Can we please get this to work at Airtable?
Seriously can we start a go fundme or something
Worth watching Table Talk 15.
Seems like view permissions are actually a high priority for Airtable and may start being released in 2022.
Second the urgency of these requests. Would really need to see a restriction to duplicating bases (shocking that it is allowed to any users not only creators/owners) and restricting some views so that not all users could see them (so not having the option of seeing everyone’s personal views for some users)
Have gone through all the individual tables and fields restrictions and using forms where possible but the above is a big big need.
Hopefully the cryptic messages on the upcoming changes that CPO mentioned in table talk actually come this year!
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.