Allow Users to Edit Group-Owned Items Without Requiring Creator Licences

Emily_Clark — Fri, 20 Mar 2026 05:31:56 GMT

I help maintain an ArcGIS Enterprise environment for a large government organisation that works with sensitive and operationally critical information. We’ve recently been facing challenges on a project where several team members need the ability to edit data, but we cannot assign them full editing or Creator licences without risking the integrity of our environment. At the same time, we can’t make the layer public, as doing so could expose sensitive information contained in the dataset.

This creates an operational deadlock: users need to maintain content, but our governance model prevents us from giving them the permissions that would enable it.

The problem:

In ArcGIS Enterprise, users currently require a Creator (or higher) user type to make even small adjustments to shared items, such as:

Updating symbology or map properties
Configuring pop-ups
Editing metadata
Adding, editing, or deleting records in attribute tables
Making basic updates to group-owned maps or layers

However, granting Creator licences also gives users capabilities they do not need, such as:

Creating new hosted layers
Publishing services
Overwriting feature layers
Deleting datasets

For environments handling sensitive data, this is a significant governance concern. As a result:

Users lack the permissions they need to maintain operational data
Administrators become bottlenecks for even minor updates

Enhancement Ideas:

Introduce a new permission model that allows users to edit existing items and table records shared within their groups, without granting high‑risk publishing or creation rights.

This could be implemented in one of two ways:

Idea 1: Introduce a New “Editor+” User Type

A user type that includes:

Editing maps and apps shared with their groups
Editing layer settings
Adding, editing, and deleting attribute table records

but excludes:

Creating new hosted content
Publishing data or services
Overwriting datasets
Deleting entire items

Idea 2: Add New Fine-Grained Role Privileges

For example:

“Edit items and table records shared within user’s groups (no ability to create or publish new content)”

This could be assigned to custom roles while retaining strict governance.

Why This Matters:

This change would support:

Stronger data governance – Allows operational updates without giving users privileges that could compromise sensitive datasets.
Operational efficiency – teams can maintain their own content without relying on GIS administrators for every small change.
Aligned with Real-World Needs – Many organisations manage sensitive or high-risk data but still need collaborative editing capabilities.

Who Benefits:

Organisations with large non-GIS workforces
Government agencies with tight data controls
Any organisation managing sensitive datasets across multiple teams

Enabling users to edit group-owned items and attribute table data, without granting high‑risk Creator permissions would significantly improve governance, collaboration, and cost efficiency within ArcGIS Enterprise environments. This enhancement would better reflect how organisations work today and provide a safer, more flexible approach to shared content maintenance.