Orchestration sharing controls

Orchestration sharing controls let administrators decide whether every Orchestration owner can share with teammates or whether sharing requires a role permission. By default, Allow unrestricted orchestration sharing is on. When it is on, Orchestration owners can share their owned Orchestrations. When it is off, owners must also have Share Orchestrations before they can share.

Restricting sharing changes who can add, update, or remove Orchestration collaborators. Confirm which owners should keep sharing access before you save the setting.

Control	What it allows
Allow unrestricted orchestration sharing	Lets all Orchestration owners share owned Orchestrations.
Share Orchestrations	Lets a user share owned Orchestrations when unrestricted sharing is off.
Publish Orchestrations	Lets an owner publish an Orchestration to the whole organization.
Publisher role	Grants operational publishing permissions, including Share Orchestrations and Publish Orchestrations.

Sharing and publishing are different actions. Sharing adds named collaborators. Publishing makes the Orchestration visible to everyone in the organization.

Before you start

Confirm you have the right administrator access:

Task	Required access
View organization settings	Permission to view organization settings.
Turn off unrestricted sharing	Permission to edit organization settings.
Create or edit a custom role	Permission to create or edit roles.
Assign Publisher or a custom role	Permission to assign roles to users.

Also decide which Orchestration owners should keep sharing access before you change the setting. You need permission to edit organization settings before you can change this control.

Open Organization Settings

Go to the administration area and open Organization Settings.

Open General

Select General.

Find Orchestration Sharing

In Orchestration Sharing, find Allow unrestricted orchestration sharing.

Turn off unrestricted sharing

Turn off Allow unrestricted orchestration sharing.

Save changes

Click Save Changes.

After this setting is off, Orchestration owners without Share Orchestrations will see sharing controls disabled or blocked. Sofie may show that Orchestration sharing is restricted to users with sharing permission. Use the Publisher role when a user should be able to share and publish Orchestrations without broad administrator access.

Open User Management

Go to Users.

Open the user

Select the user who should be allowed to share Orchestrations.

Open role assignment

Find the role assignment section.

Choose Publisher

Select Publisher.

Save the role change

Save the user update and confirm the user can see the expected sharing or publishing controls.

Publisher includes more than Orchestration sharing. It can also include publishing access for other reusable content. Use a custom role if the user should only share Orchestrations.

Create a custom role when you want narrower access than Publisher.

Open Role Management

Go to Users and click Manage Roles.

Create a role

Click New Role.

Name the role

Use a clear name such as Orchestration sharer.

Select Orchestration permissions

Open the Orchestrations permission category and select Share Orchestrations.

Add publishing only when needed

Select Publish Orchestrations only if users with this role should publish owned Orchestrations to the whole organization.

Save the role

Save the role and assign it to the users who should keep sharing access.

Choose who should get access

Grant Share Orchestrations to users who:

Own reusable Orchestrations that other users need to run or edit.
Maintain department or project workflows.
Need to manage collaborator access after unrestricted sharing is turned off.

Grant Publish Orchestrations more selectively. Published Orchestrations appear to the organization, so the owner should test the workflow, verify inputs, and confirm review points before publishing.

What Orchestration owners can do

An owner with sharing access can:

Open Share Orchestration.
Add people.
Choose Can edit or Can view.
Add a note for recipients.
Update collaborator access.
Remove collaborators.

An owner with publishing access can publish a live Orchestration to the organization. Published Orchestrations can be viewed and run by organization members, while only the owner and editors can modify them.

Test the change with one Orchestration owner before rolling it out broadly. Have that user open an owned Orchestration and confirm whether Share and Publish appear as expected.

Review after rollout

After you restrict sharing:

Review who has Publisher or a custom sharing role.
Confirm key workflow owners can still share Orchestrations.
Confirm users without the permission cannot add collaborators.
Check whether any shared Orchestrations should instead be published for organization-wide reuse.
Review role assignments when workflow ownership changes.

Organization settings for shared organization configuration.
Roles and permissions for role design and permission review.
User management for assigning roles to users.
Orchestrations for end-user sharing and publishing concepts.

​How sharing access works

​Before you start

​Restrict Orchestration sharing

​Grant sharing access with the Publisher role

​Create a custom sharing role

​Choose who should get access

​What Orchestration owners can do

​Review after rollout

​Related docs

How sharing access works

Before you start

Restrict Orchestration sharing

Grant sharing access with the Publisher role

Create a custom sharing role

Choose who should get access

What Orchestration owners can do

Review after rollout

Related docs