As Howie and myself have previously mentioned, “Advanced User Permissions” is a massive category of potential features. In this thread alone, people have suggested dozens of potential implementations, each of which has its own set of unique considerations. I can say that granular permissions are a high priority for our product team and we do intend to keep adding support for such controls as we grow.

At the same time, the development of more permissions features is a very complex project. The different potential ways in which these features could be implemented each have massive and far-reaching implications for how teams access and interact with their most important, mission-critical data . This is a responsibility that we take extremely seriously, and as such, we need to take every necessary precaution in order to ensure that we have thoughtfully considered all possibilities.

As just one example of the kinds of questions we need to ask ourselves: when thinking about the broad category of “limiting access” for certain users, does this mean limiting the ability to see information, to make changes to information, to share information, or something else entirely? We are actively thinking about permissions as it relates to all of these different actions, but at the same time, each of those actions is itself an extremely broad topic encompassing many different use cases, design decisions, technical challenges, and implementation concerns.

Furthermore, for any feature that we implement, we have to carefully consider how it will interact with all of the other features that already exist in the product (e.g. linked records, forms)—as well as any features that we might implement in the future . Again, these kinds of considerations are of vital importance when it comes to issues of information access, editing, and sharing.

On top of all that, our product team needs to carefully balance the desires of individual users to add ever more features that solve specific needs with the collective value for everyone that comes from having a product that is as welcoming and accessible to as many people as possible—without becoming heavyweight or overwhelmingly complex.

To reiterate what Howie has already said, there’s no such thing as a “one-size-fits-all” model for granular permissions, so there won’t be a day when we suddenly release a silver bullet that solves all permissions needs for all users. Instead, our current focus is on developing more narrowly scoped feature-components that will allow users to build out the permissions systems that they need (e.g. our releases of locked views, limiting visible options in forms, etc.). We will continue to keep you updated on all new features (permissions-related or otherwise) as they become available, as well as any relevant pre-general release betas.

Lastly, by far the most helpful thing that you can do to regarding this topic is give us specifics of your use cases and the problems you’re facing. Plenty of folks in this topic have done just that, for which our product team is grateful. Here are just a couple of example questions touching on the topics that concern our product team:

• What industry do you work in? What role do you have? How are you using Airtable?


• Are you most concerned with view access, write access, share access, or another form of information access?


• Who are you using Airtable with? With other Airtable collaborators? If so, are these other collaborators base or workspace collaborators? Or, are you using Airtable with non-Airtable users? If so, are they using forms? How are they using these forms?


• What is the nature of the information that you’re concerned about? Where does it live? In specific cells? In records? In fields? In field configurations? Just in specific views? In entire tables? In the names of records, fields, or tables? In share links?


• Do you use linked records at all? If so, how would you expect that linked records would interact with more granular permissions?

As Howie and myself have previously mentioned, “Advanced User Permissions” is a massive category of potential features. In this thread alone, people have suggested dozens of potential implementations, each of which has its own set of unique considerations. I can say that granular permissions are a high priority for our product team and we do intend to keep adding support for such controls as we grow.

At the same time, the development of more permissions features is a very complex project. The different potential ways in which these features could be implemented each have massive and far-reaching implications for how teams access and interact with their most important, mission-critical data . This is a responsibility that we take extremely seriously, and as such, we need to take every necessary precaution in order to ensure that we have thoughtfully considered all possibilities.

As just one example of the kinds of questions we need to ask ourselves: when thinking about the broad category of “limiting access” for certain users, does this mean limiting the ability to see information, to make changes to information, to share information, or something else entirely? We are actively thinking about permissions as it relates to all of these different actions, but at the same time, each of those actions is itself an extremely broad topic encompassing many different use cases, design decisions, technical challenges, and implementation concerns.

Furthermore, for any feature that we implement, we have to carefully consider how it will interact with all of the other features that already exist in the product (e.g. linked records, forms)—as well as any features that we might implement in the future . Again, these kinds of considerations are of vital importance when it comes to issues of information access, editing, and sharing.

On top of all that, our product team needs to carefully balance the desires of individual users to add ever more features that solve specific needs with the collective value for everyone that comes from having a product that is as welcoming and accessible to as many people as possible—without becoming heavyweight or overwhelmingly complex.

To reiterate what Howie has already said, there’s no such thing as a “one-size-fits-all” model for granular permissions, so there won’t be a day when we suddenly release a silver bullet that solves all permissions needs for all users. Instead, our current focus is on developing more narrowly scoped feature-components that will allow users to build out the permissions systems that they need (e.g. our releases of locked views, limiting visible options in forms, etc.). We will continue to keep you updated on all new features (permissions-related or otherwise) as they become available, as well as any relevant pre-general release betas.

Lastly, by far the most helpful thing that you can do to regarding this topic is give us specifics of your use cases and the problems you’re facing. Plenty of folks in this topic have done just that, for which our product team is grateful. Here are just a couple of example questions touching on the topics that concern our product team:

• What industry do you work in? What role do you have? How are you using Airtable?


• Are you most concerned with view access, write access, share access, or another form of information access?


• Who are you using Airtable with? With other Airtable collaborators? If so, are these other collaborators base or workspace collaborators? Or, are you using Airtable with non-Airtable users? If so, are they using forms? How are they using these forms?


• What is the nature of the information that you’re concerned about? Where does it live? In specific cells? In records? In fields? In field configurations? Just in specific views? In entire tables? In the names of records, fields, or tables? In share links?


• Do you use linked records at all? If so, how would you expect that linked records would interact with more granular permissions?

Me:

Software Product Designer

Small business owner

Trying to love Airtable

User need cases - based on this thread

1. restrict data access by users with varying levels of access needs (by field / by view / by base etc)


2. prevent unwanted deletion

Airtable product concerns

1. Keep things simple


2. Keep permissions from becoming barrier to productivity

Comments

Airtable rightly knows its ideal customers are likely to be non-enterprise level teams looking for simple (yet powerful) solutions. Nobody wants complicated permission groups / tiers / and layers.

Solution

Views. They currently have all the building blocks of a structured permission system.

1. Locked view is already a flag on a view that allows modification or not. Separate this out from “Personal” they are not mutually exclusive states.


2. Hidden fields. Combined with locked views, we now have granular control over both and edit permissions. (view permission already = shared links)


3. Now add per-user access to views. Kind of already exists with personal views, which is a single user association to a view. Now open that association to multiple users.


4. Finally, a user permission tier that can edit records but cannot create or alter views. Both functionalities already exist within Editor and Commenter permissions.


5. Finally ho’s able to configure the user to view associations? Creators only.

Me:

Software Product Designer

Small business owner

Trying to love Airtable

User need cases - based on this thread

1. restrict data access by users with varying levels of access needs (by field / by view / by base etc)


2. prevent unwanted deletion

Airtable product concerns

1. Keep things simple


2. Keep permissions from becoming barrier to productivity

Comments

Airtable rightly knows its ideal customers are likely to be non-enterprise level teams looking for simple (yet powerful) solutions. Nobody wants complicated permission groups / tiers / and layers.

Solution

Views. They currently have all the building blocks of a structured permission system.

1. Locked view is already a flag on a view that allows modification or not. Separate this out from “Personal” they are not mutually exclusive states.


2. Hidden fields. Combined with locked views, we now have granular control over both and edit permissions. (view permission already = shared links)


3. Now add per-user access to views. Kind of already exists with personal views, which is a single user association to a view. Now open that association to multiple users.


4. Finally, a user permission tier that can edit records but cannot create or alter views. Both functionalities already exist within Editor and Commenter permissions.


5. Finally ho’s able to configure the user to view associations? Creators only.

As Howie and myself have previously mentioned, “Advanced User Permissions” is a massive category of potential features. In this thread alone, people have suggested dozens of potential implementations, each of which has its own set of unique considerations. I can say that granular permissions are a high priority for our product team and we do intend to keep adding support for such controls as we grow.

At the same time, the development of more permissions features is a very complex project. The different potential ways in which these features could be implemented each have massive and far-reaching implications for how teams access and interact with their most important, mission-critical data . This is a responsibility that we take extremely seriously, and as such, we need to take every necessary precaution in order to ensure that we have thoughtfully considered all possibilities.

As just one example of the kinds of questions we need to ask ourselves: when thinking about the broad category of “limiting access” for certain users, does this mean limiting the ability to see information, to make changes to information, to share information, or something else entirely? We are actively thinking about permissions as it relates to all of these different actions, but at the same time, each of those actions is itself an extremely broad topic encompassing many different use cases, design decisions, technical challenges, and implementation concerns.

Furthermore, for any feature that we implement, we have to carefully consider how it will interact with all of the other features that already exist in the product (e.g. linked records, forms)—as well as any features that we might implement in the future . Again, these kinds of considerations are of vital importance when it comes to issues of information access, editing, and sharing.

On top of all that, our product team needs to carefully balance the desires of individual users to add ever more features that solve specific needs with the collective value for everyone that comes from having a product that is as welcoming and accessible to as many people as possible—without becoming heavyweight or overwhelmingly complex.

To reiterate what Howie has already said, there’s no such thing as a “one-size-fits-all” model for granular permissions, so there won’t be a day when we suddenly release a silver bullet that solves all permissions needs for all users. Instead, our current focus is on developing more narrowly scoped feature-components that will allow users to build out the permissions systems that they need (e.g. our releases of locked views, limiting visible options in forms, etc.). We will continue to keep you updated on all new features (permissions-related or otherwise) as they become available, as well as any relevant pre-general release betas.

Lastly, by far the most helpful thing that you can do to regarding this topic is give us specifics of your use cases and the problems you’re facing. Plenty of folks in this topic have done just that, for which our product team is grateful. Here are just a couple of example questions touching on the topics that concern our product team:

• What industry do you work in? What role do you have? How are you using Airtable?


• Are you most concerned with view access, write access, share access, or another form of information access?


• Who are you using Airtable with? With other Airtable collaborators? If so, are these other collaborators base or workspace collaborators? Or, are you using Airtable with non-Airtable users? If so, are they using forms? How are they using these forms?


• What is the nature of the information that you’re concerned about? Where does it live? In specific cells? In records? In fields? In field configurations? Just in specific views? In entire tables? In the names of records, fields, or tables? In share links?


• Do you use linked records at all? If so, how would you expect that linked records would interact with more granular permissions?

Is this what you’re looking for?

Thanks Bill! It partially does indeed!

I recently asked to be able to test out this beta feature (still haven’t had the chance).

Yet, this doesn’t seem to handle the issue : “How can I adjust who can see information in my base?”

Is this what you’re looking for?

We have been using the beta and it is terrific - solves a lot of problems re: user permissions. However, I don’t believe it addresses the ability to only allow users to see selected information. Hopefully that is the next step for Airtable’s development team as it would be very valuable.

The one feature that would make us use only Airtable and not “home-made code” or other tools would be the possibility to share only a portion of the base (one table and selected views i.e.) to an external user and give that person the ability to edit or add records.

Hey guys, i had the same issue so we built a way to sync base together so we can share a portion of base with edit access to our clients.

We are thinking of sharing it, if you are interested click here

We have been using the beta and it is terrific - solves a lot of problems re: user permissions. However, I don’t believe it addresses the ability to only allow users to see selected information. Hopefully that is the next step for Airtable’s development team as it would be very valuable.

Just my two cents - the reason I ended up here:

For sensitive, critical data, if I want to get someone to help with data entry, I need to be able to give them permission to add records but not to delete anything. I want to be able to have someone create records without being able to accidentally delete or otherwise modify the base/tables.

Editor level permissions minus “delete” would accomplish this.

A write-only permission level would be great too - if I only need them to enter new data, but don’t want them to modify existing data, this would be the better implementation.

How do we get on the beta!!

Firstly there is an obvious use-case for a read-only API…

Per-API-key base permissions are on our roadmap, but just wanted to point out that you can already accomplish this by creating a separate Airtable account and giving it read-only access to your base, then using that account’s API key.

There’s not a one-size-fits-all solution to user permissions—all of the users who’ve asked us about greater customization in their permissioning have had their own unique workflows and use cases. The challenge for us is to design features that solve the many different types of permission granularity that people want, without adding overwhelming complexity. There are other products that offer highly detailed permissions options, but we don’t necessarily want to bring all of those levels of complexity into Airtable, as we’re generally designed for more lightweight use cases.

We would love to hear more about the specific issues that you’re having with the current permissions model, and what problems you’re trying to solve—the feedback we get from users is one of the most valuable things we can have when we’re trying to design new features to be as elegant as possible.

Can’t believe Airtable can add table and field level permissions, but still allows any user with edit rights (i.e. team member) to see ALL DATA in ALL TABLES. Still makes it useless for me to add team members so must rely on other tools almost solely because of the VIEW ALL strategy employed. Sharing a read-only view in some way does not help.

BTW the simple solution seems to make editable Views sharable to Users and/or Roles. If a field isn’t in the view then the shared user can’t edit. If a Table has no shared views then it is private by nature. Simple, and much needed.