Back to all posts

Introducing Actor permissions: greater transparency and control for users and developers

You can now choose between two clear permission levels for your Actors.
by
Nishad Manerikar
Nishad Manerikar

We’re excited to announce a significant security enhancement to the Apify platform: Actor permissions. This new feature is designed to add another layer of user data protection by changing how Actors access that data.

While we do have a process to actively monitor what data Actors access, this update goes a step further by moving us to a “secure by default” data access model.

The approach is similar to mobile platforms (Android, iOS), where each app has to explicitly request the access it needs, and the user has to approve it.

The difference is that instead of granular per-Actor permissions, we have opted for just two clear permission levels that developers can choose between, to explicitly declare the access their Actor needs. The two permission levels are:

  • Limited permissions: The intended new default for most Actors. Actors with this level have restricted access, i.e. they can primarily access only their own storages and the data they generate. They cannot access other user data on the Apify platform.
  • Full permissions: This level grants an Actor the same broad access it has today, allowing it to access all of a user’s Apify account data.

We expect the vast majority of public Actors to function perfectly with limited permissions.

Actor permissions configuration

For Actor users: what this means for you

As an Apify user, this feature gives you greater transparency and control over your data.

Confirmation for full permissions

Initially, the experience of running an Actor will not change.

You will see a permission badge on every Actor’s detail page. This badge clearly indicates whether the Actor requires Limited permissions or Full permissions.

Full permissions badge visible on Apify Store detail page

Once the feature is fully rolled out in early 2026, running a Full permission Actor for the first time from Apify Console will trigger a confirmation dialog. You will need to explicitly authorize the Actor’s broad access.

Changing Actor permissions

If an Actor requires full permissions, we recommend checking its README to understand why it needs a higher level of access (it could be for legitimate administrative tasks, e.g. managing schedules).

Safeguard for existing integrations

We have designed this feature to avoid breaking existing user integrations. Running Actors programmatically via the API will continue to work as it does now: no explicit confirmation is needed even for full permission Actors.

There will be a critical safeguard in place to prevent an Actor from suddenly gaining broader access without your explicit consent: If an Actor developer upgrades an existing Actor from limited to full permissions, any existing integrations you have for that Actor (like schedules or API calls) will fail. To resume functionality, you must manually re-authorize the Actor in the Apify Console.

For Actor developers: preparing for the new default

Limited permissions will become the default for all new Actors. We strongly encourage you to review your existing Actors and migrate them to limited permissions where possible, as users will naturally prefer Actors that use the more restricted access level. Importantly, Actors using limited permissions will rank higher in the Actor store.

The scope of limited permissions

Actors with limited permissions are allowed to perform only a specific set of actions. This set of actions is tailored for a typical scraper or automation tool and should cover the vast majority of common use cases. For example, an Actor that just reads user input and writes output to its default storage will work out of the box with limited permissions.

Migration is straightforward for most

We expect that most public Actors can be migrated to limited permissions with minor, if any, adjustments.

The official documentation provides a comprehensive guide to the migration, including

  • How to test your Actor with limited permissions before migrating it
  • Scenarios where code or configuration changes are necessary
  • How to make the changes in order to achieve a smooth migration

Apart from the documentation, we are available on all the usual channels to help you with the migration.

Expected roll-out plan

We are rolling out Actor permissions in phases. We are currently in a transition period where we are working closely with the Apify developer community to migrate their Actors. Actor detail pages already show the permission badges. Finally, in early 2026 we will complete the roll-out, including the confirmation modal for running full permission Actors.

Nishad Manerikar
Nishad Manerikar
Senior Engineer at Apify. Coming off a longish career break during which I traveled around Europe, India and South-east Asia, dabbled in portrait and travel photography, and learned lots of new stuff. Worked at Bloomberg LP in London before all this.
On this page

Build the scraper you want

No credit card required

Start building

Related articles