Admin should be able to activate automations for their team
I'm new to using PipeDrive Automations. Can someone at PipeDrive PLEASE explain to me, when I as an Admin create an automated workflow that all members of my team must use, why EVERY user has to go in and accept/activate EACH automation??? It isn't their choice whether they want to use it or not… it's our PROCESS that all users must use for consistency and an Admin should be able to activate the workflow for everyone. It's a huge waste of time that I have to send an email to each team member telling them step by step the name(s) of each automation, where to find them, and how to activate them. Waste of time that they have to go in and activate them. Waste of time that I have to follow up with the ones who didn't activate them. Please tell me why PipeDrive thinks it makes sense that an Admin should not be able to activate workflows/automations for their team. Thank you.
Comments
-
hi @JB04 there's a difference between date triggered and event triggered activities. event activities can be activated for all users with "triggered by anyone" setting. date triggers need to be activated by each user individually. thats just a very unfortunate way of how date based automations work currently.
i do agree - @Manuel Oliveira its actually super inconvenient as many pipedrive users are unfamiliar with workflow automations and an admin usually understands when date based workflows should trigger for all or specific users. this creates unnecessary friction and additional work to chase users
0 -
Hi @Nikolai Sokolov that's a good point. I double-checked with our automations team, who confirmed this is an intentional decision to introduce security by design. Such as to prevent cases in which an ill-intentioned team member with admin permissions would cause problems for another user. Here's an example that this mechanism is designed to prevent, considering an admin and a regular user:
1- The admin user creates an automation that, when a deal is updated, sends a malicious email to the deal's contact person.
2- The admin user also assigns the automation to a regular user without their knowledge.
3—The regular user updates a deal. The automation then triggers and sends the malicious email to the deal contact from their own email account. This happens without the regular user being aware of it.
4- Finally, the admin removes the automation and any traces of wrongdoing.
Bear in mind that automations set to be triggered by any user are different since they’re executed from the automation owner’s account, and not the users who trigger it.
0 -
Ridiculous! There's a SLIM chance that your scenario would happen… certainly not enough to make it such a difficult process for ALL of your clients! The reason we don't want to make all automations available to all users IS because of what you described… because then ANY user COULD trigger the automation, even users who the automation isn't intended for! We want to control who is able to trigger the automation and we're intelligent enough to assign it to exactly who should be able to trigger it… and they should NOT have to accept our standardized process!
A process with 15 automations means EVERY USER has to go in and accept ALL 15 automations! The likelihood that they will overlook one or more is HIGH. Plus the complete waste of time and lost productivity for my team. I should be able to assign automated workflows for my team without their approval. Period.
PipeDrive seems insistent on ignoring common sense requests from their clients. Another reason to look for a different CRM.
0 -
Hi @Manuel Oliveira here's why I think it does more harm than being useful:
- I can think of 100 other ways to trigger malicious stuff employing the usual event trigger and "triggered by anyone" setting
- I can think of another 1000 ways using make or zapier and not leaving any trace in pipedrive in the first place
In all instances, an admin account will suffice. The current limitation is really something thats just annoying and "other CRMs solved better".
At the end of the day, having this limitation on date based workflows wont avoid trouble of granting admin privileges to the wrong people. But does create problems for everyone else.
Big hopes the team will recognize this just as it recognized the incredibly limiting setting for webhooks in workflows when they were first released. Those were unusable for similar reasons.
0 -
@JB04 @Nikolai Sokolov thank you for sharing your use cases. I have converted this post to product feedback so that it reaches our product team.
0 -
In comparison, HubSpot doesnt even have a setting for "this user / some users / just those who activate". Because that can be achieved with conditions. Admin access implies high risk and responsibility and is something account owners need to consider carefully.
Another feature of HubSpot that helps monitoring whats happening are detailed logs that cant be deleted or altered. With details of each execution (including deleted workflows), as well as configurable notifications. Much better security by design :)
0
