Bring your towel and join one of the fastest growing data communities. Welcome to our second-generation open source orchestration platform, a completely rethought approach to dataflow automation.

Prefect Community

We created a credential block with access control. Block itself is not visible for anyone who doesn’t have access however, they are able to use it in their flows. Is that the expectation? My understanding was that they can’t use the block 

Hi <@U03CENB6B46> - can you send me the url of the block in question? Any actor not on the ACL will also not be able to use it in flows.

Workspace owners and organization admins will always have implicit access to blocks even when ACLs are set. Is the user in question using an api key that belongs to a workspace owner or org admin?

Nope.. we tried different personas. Sent you the link to the block