With that in mind, this post will be a shorter post than usual. Nevertheless, let’s dive in and cover this small but mighty update.
Access Flow User Permissions in App Permissions
This update is a very simple one. As of the Summer ’23 Release, Admins will be able to manage the User permissions relating to Flow in one convenient place. Now available in both Permission Sets and Profiles (if you have enabled the Enhanced Profile User Interface), you can assign the main User permissions for Flow inside a new section in App Permissions called Flow and Flow Orchestration. This section includes four permissions which Admins can assign to users by turning them in the user interface.
The four permissions included in this section are as follows:
- Manage Flow
- Manage Orchestration Runs and Work Items
- Run Flows
- View Flow Usage and Flow Event Data
Each permission comes with a brief description of what they entail. For example, the Manage Flow permission allows users to create and edit Flows, whereas the Run Flows permission allows users to run any active Flow in your org or on an Experience Cloud site. Having all of these permissions in one place is quite handy, as it means they are easier to find with a quick keyword search.
Now, I could just finish the blog here and leave it at that as that’s the update. However, I think it’s only fair that for this update, I share my thoughts on how we should handle these permissions. So before we wrap things up here, let’s go ahead and do that.
Assigning the Permissions Found in the Flow and Flow Orchestration Section
Based on the permissions available to us for Flow Builder, my opinion is that Admins should create two Permission Sets. One which will allow users to run the Flows that are present in their org, and the second to allow senior level users to manage them. The first Permission Set should be assigned to most users who join your org in my view, the second should be assigned to a small number.
Now, allow me to provide you with a list of my suggested Permission Sets, their names, and their included permissions:
|Run Flows||Manage Flows and Orchestrations|
|Run Flows||Manage Flow|
|Manage Orchestration Runs and Work Items|
|View Flow Usage and Flow Event Data|
These are the two that I would suggest creating, however you could also make a third Permission Set to allow assigned users the ability to view the usage of your Flows and their associated event data. I’d call that Permission Set something like Evaluate Flows.
But that’s how I would look to manage who has permissions to do what with your Flows in your org. Two simple Permission Sets, one to run your Flows, one to manage your Flows, and a potential additional third Permission Set to evaluate your Flow usage. That should all sound fairly simple, it’s a clean and (hopefully) efficient way to maintain access to the Flows in your org going forward.
So that’s the update to the User permissions for Flow Builder that is coming in the upcoming Summer ’23 release. What do you think? Do you think it’s a good change? Do you think my suggestion is a good method for controlling access to your orgs Flows?
Let me know in the comments below or on social media what you think of this update and the other updates that are coming to Flow Builder in this next seasonal release. I’d love to hear from you. I’ll be back later this week (hopefully) with a post covering the Flow Preview webinar that is airing this week as part of this releases run of Release Readiness Live (add it to your calendar here).
I’ll be in Prague later this week for CzechDreamin’ … I’ll be speaking on Flow and GPT, we’ll be taking a little bit of an introductory dive into how GPT performs with the task of providing instructions on how to build out Flows in Salesforce. If you’re going to be there as well, I’d love to meet you and say hi. It’s going to be a great event as it was last year. If you’re not going, maybe I’ll see you at another upcoming conference, it is conference season right now in Europe and the UK. So we might bump into each other.
Other than that, let me know what you think of today’s post in the comments or on social media. I’ll talk to you later this week.