Hi. We're beginning to set up permissions for Beta users (the first external users we'll bring on) and I'm getting uneasy about our current permission setup. Advice would be appreciated. To be clear: As it stands today, ALL USERS MUST BE REGISTERED (via SSO) TO READ/WRITE. While I'm not sure how that's configured, apparently the default permissions have nothing to do with it. Reason for proposed change: What if we were to spin up a new role in the future, like "StrategicPartner" and forget to set up the community disallowance? Processes should help prevent this, but Default = Allow just seems reckless. How would you set it up? Is there anything else I need to consider? Now's the time to tweak it before we get deep. Are there any benefits of keeping it the way it is now? What would you do?
... View more