Product UpdatesStatus PageWorkato Academy
English
Get a trial
Organization & workspaces
Workspace collaborators
Role-based access control

# Migrate to the new access control model

Workato's new access control model replaces collaborator roles and custom roles with environment roles and project roles. This separation improves flexibility, clarity, and environment-specific access control.

# Migration overview

The new access control model replaces legacy collaborator roles and custom roles with separate environment roles and project roles.

Legacy system roles such as Admin, Analyst, and Operator map directly to new environment and project roles. Legacy custom roles split into two independent roles, one for environment-level permissions and another for project-level permissions.

A built-in migration wizard guides you through the process and provides a downloadable report for auditing changes. Refer to Migration strategies for migration considerations and best practices.

# Migrate legacy system roles

Workato provides a built-in migration wizard to convert each legacy system role into a corresponding environment role and project role. Complete the following steps to migrate your legacy system roles:

1

Go to Workspace admin > Access control > Collaborator roles.

2

Select a legacy system role.

Upgrade your system roleUpgrade your system role

3

Click Upgrade system roles to launch the wizard.

Upgrade your system roleClick Upgrade system roles

The wizard outlines how the legacy role splits into an environment role and a project role.

Role breakdown overviewRole breakdown overview

4

Click Next.

5

Review how each deprecated role maps to a new environment role and project role.

Review role assignmentsReview role assignment

You can also download a summary report for a detailed breakdown.

6

Click Upgrade to complete the migration. Workato deprecates the legacy roles and replaces them with the mapped roles.

# Migrate legacy custom roles

Legacy custom roles combine workspace, environment, and project permissions in a single role. The migration wizard separates these into independent environment and project roles.

Complete the following steps to migrate custom roles:

1

Go to Workspace admin > Access control > Collaborator roles.

2

Choose the legacy custom role you plan to upgrade.

Upgrade your custom roleUpgrade your custom role

3

Click Upgrade role to launch the wizard.

Upgrade your custom roleUpgrade your custom role

The wizard outlines how the legacy role splits into separate environment and project roles.

Role breakdown overviewRole breakdown overview

4

Define the new Environment role name and review optional permissions for the role. You can enable Manage projects to allow collaborators with this environment role to manage access and modify all projects within the environment.

Set up environment roleSet up environment role

5

Click Next.

6

Define the new Project role name and review optional permissions for the role. You can enable Control project access to allow collaborators with this project role to add, remove, and change access within the projects they're part of.

Set up project roleSet up project role

7

Click Next and review the updates. You can download a summary report for auditing.

Review and upgradeReview and upgrade

8

Click Upgrade to complete the migration.

RBAC FAQs
Migration strategies


Last updated: 10/7/2025, 3:50:03 PM

On this page