Core Docs - Core Concepts - Secure Workflows

Rock Version: v20.0
Last Modified: 2026-04-06 3:59 PM

While we've already covered workflow security in other articles, we thought we'd summarize workflow security in one place. This should give you a good understanding of what's possible.

Editing A Workflow Type

To be able to add or edit a workflow type, you’ll need Edit access to the workflow configuration page
(Admin Tools > General Settings > Workflow Configuration)
and the Workflow Type Detail block on it. While the Rock Administrator role has full access by default, Workflow Types inherit security from their parent Category. This means anyone with Edit permissions at the category level can also manage, clone or delete workflows within that category.  

Simple Security
To simplify administration, security flows from the Category down to the individual Workflow Type. If a team needs the ability to Clone or Delete forms in the Form Builder, you simply need to grant them Edit permissions on the parent Category. This removes the need to manually add security to every new workflow created.  

Workflow Navigation Page

The workflow navigation page (Tools > Workflows) is a great place for your staff to start and manage workflows. Below is a summary of the security needed to interact with the various components of this page.

Workflow Type Not A Link?
You may notice that when some workflow types are listed, they are not linked. This means the workflow type does not have an entry form configured for the current person.

Workflow Entry and URL Links

The following security is required for the Workflow Entry block:

Workflow List

The Workflow List block requires that a person must be authorized to Edit workflow types in order to view a list or add/edit/delete a workflow.

Workflow Detail

The following security is required on the Workflow Detail block:

My Workflows

The My Workflows block has the following security settings.