Review workflow permissions.

Permission manifest

Every marketplace workflow version has a permission manifest. The manifest describes the integrations, scopes, actions, data categories, and human-review expectations the workflow needs. NW Agentic records the permission snapshot approved at install time.

What to inspect

• Integration names and whether each integration matches the workflow's expected business process.
• Scopes and actions, including read, write, send, modify, delete, export, billing, or admin-like access.
• Restricted-category disclosures for legal, financial, healthcare, safety-sensitive, or other sensitive workflow behavior.
• Any human oversight, customer approval, or review gate required before the workflow acts.

Expanded permissions

If a future version asks for expanded permissions, you must explicitly approve the new permissions before updating to that version. A permission expansion can include a new integration, broader scope, new write action, additional data category, or a restricted-category change.

Versions with the same or reduced permissions can be easier to approve, but you should still review the changelog before updating.

Data boundary

Install only workflows whose permissions fit the customer data boundary you expect. If a workflow needs access to records, files, communications, billing data, or customer content that is outside the listed use case, pause and ask support before approving the install.

Related customer docs

For the full approval sequence, read the install guide. For permission behavior during new releases, read version updates.