Solved: Workflows RBAC?

Jeff Orr · ‎05-15-2026

Is there a timeline or estimated release date for basic or advanced RBAC for Workflows (for SSO dashboard logins)?

Basic:

Meraki Dashboard Role with only access to Automation (Edit) or (Run)

Advanced

TAG-based to allow a role to execute only automations with a given tag
TAG-based to allow a role to execute or edit only automations with a given tag
Role to manage global settings "gloabal admin" such as webhooks, credentials, variables, etc.

Ryan Burton - Product Manager · ‎05-18-2026

@Jeff Orr / @Philip D'Ath / @mloraditch / @mkutka - this feature is committed and presently being tested in production under a feature flag.

RBAC has been the highest priority item since we launched last year. It took coordinated effort with the Auth team to fit within the Dashboard permissions model, hence the amount of time needed to get this working.

What's coming is the ability to assign an admin (write), auditor (read), operator (execute), and deny permissions specifically for Workflows under the Automation menu. You will no longer need lean on the Org Admin role.

The above will come with the "Production Ready" flag, so only workflows you mark as Production Ready will be available for the operator to see/run. In addition, folder support will be delivered soon.

Future enhancements for attribute-based access control (ABAC), where it's down to which specific workflows/folder a user can edit/run is, on the long-term roadmap.

View solution in original post

mloraditch · ‎05-15-2026

I've not seen or heard anything specific to this. I would keep an eye on Cisco Live in a few weeks as lots of stuff tends to get announced there and even if not announced sometimes folks will talk a bit more openly about roadmap. I will be there and will try to remember to ask around and see if I can get a non-nda'd answer.

If you found this post helpful, please give it a thumbs up. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Philip D'Ath · ‎05-15-2026

This would be a great feature to add.

mkutka · ‎05-17-2026

I've heard/seen some roadmap items around RBAC for Workflows, although i'm unsure if they're committed. I suspect there may be some announcements on these items at Cisco Live US in a few weeks.

Ed Novak - Cisco Workflows TME · ‎05-18-2026

@Jeff Thank you for reaching out to the community with this question.

I’m happy to confirm that Role-Based Access Control (RBAC) for Cisco Agentic Workflows is coming very soon. We understand how critical this is for managing workflows for network operations effectively.

One of the key features we are introducing is the ability to define specific personas—including a "Network Operator" role. This will allow you to assign limited, granular permissions to your team members, enabling them to run essential workflows while maintaining the security posture of your environment.

We have a lot more exciting information and technical deep dives planned for Cisco Live in just two weeks. We would love to see you there and walk you through these upcoming capabilities in person!

Network Platform Team
Workflows - Technical Marketing Engineer

Ryan Burton - Product Manager · ‎05-18-2026

@Jeff Orr / @Philip D'Ath / @mloraditch / @mkutka - this feature is committed and presently being tested in production under a feature flag.

RBAC has been the highest priority item since we launched last year. It took coordinated effort with the Auth team to fit within the Dashboard permissions model, hence the amount of time needed to get this working.

What's coming is the ability to assign an admin (write), auditor (read), operator (execute), and deny permissions specifically for Workflows under the Automation menu. You will no longer need lean on the Org Admin role.

The above will come with the "Production Ready" flag, so only workflows you mark as Production Ready will be available for the operator to see/run. In addition, folder support will be delivered soon.

Future enhancements for attribute-based access control (ABAC), where it's down to which specific workflows/folder a user can edit/run is, on the long-term roadmap.