My idea is that there should be a custom Experience Builder widget upload privilege in Portal. Currently, the only requirement to add a custom ExB widget to Portal is having administrator privileges according to this documentation. However, there isn't a specific administrator privilege that enables the ability to add custom widgets. The only requirement is that the Portal account have at least any one administrator privilege.
I understand limiting the ability to add custom widgets to only admins for security reasons. However, I also think that should be the organization's decision to specify who gets to add custom widgets, and I think a privilege based approach to this would work great.
Currently, the only way to accomplish giving someone the ability to add custom widgets without making them a full admin is giving them a "low risk" random administrator privilege.
My idea is that there should be a specific role that provides the ability to upload custom widgets. I find it odd that any one admin role provides the ability to add custom widgets, and I think that task should be a specific role that we can assign to users.
This geonet post inspired this idea.
