User Guide Cancel

Asset settings

Search
  1. Adobe Enterprise & Teams: Administration guide
  2. Plan your deployment
    1. Basic concepts
      1. Licensing
      2. Identity
      3. User management
      4. App deployment
      5. Admin Console overview
      6. Admin roles
    2. Deployment Guides
      1. Named User deployment guide
      2. SDL deployment guide
      3. Deploy Adobe Acrobat 
    3. Deploy Creative Cloud for education
      1. Deployment guide
      2. Integration with Canvas LMS
      3. Integration with Blackboard Learn
      4. Configuring SSO for District Portals and LMSs
      5. Kivuto FAQ
      6. Primary and Secondary institution eligibility guidelines
  3. Set up your organization
    1. Set up identity
      1. Identity types | overview
      2. Set up organization with Enterprise ID
      3. Set up organization with Federated ID
        1. SSO overview
        2. Setup Azure Connector and sync
          1. Set up SSO with Microsoft via Azure OIDC
          2. Add Azure Sync to your directory
          3. Azure Connector FAQ
        3. Set up Google Federation and sync
          1. Set up SSO with Google Federation
          2. Add Google Sync to your directory
          3. Google federation FAQ
        4. Generic SAML
          1. Set up SSO with other SAML providers
          2. Set up SSO with Microsoft ADFS
          3. SSO Common questions
          4. SSO Troubleshooting
        5. Education SSO
          1. Configure SSO for District Portals and LMS
          2. Common questions
      4. Verify ownership of a domain
      5. Add and manage domains
      6. Link domains to directories
      7. Use directory trust to add pre-claimed domains
      8. Migrate to new authentication provider
    2. Asset settings
    3. Authentication settings
    4. Privacy and security contacts
    5. Console settings
    6. Manage encryption
  4. Manage products and entitlements
    1. Manage users
      1. Overview
      2. Administrative roles
      3. User management techniques
        1. Manage users individually   
        2. Manage multiple users (Bulk CSV)
        3. User Sync tool (UST)
        4. Microsoft Azure Sync
        5. Google Federation Sync
      4. Change user's identity type
      5. Manage user groups
      6. Manage directory users
      7. Manage developers
      8. Migrate existing users to the Adobe Admin Console
      9. Migrate user management to the Adobe Admin Console
    2. Manage products and product profiles
      1. Manage products
      2. Manage product profiles for enterprise users
      3. Manage self-service policies
      4. Manage app integrations
      5. Manage product permissions in the Admin Console  
      6. Enable/disable services for a product profile
      7. Single App | Creative Cloud for enterprise
      8. Optional services
    3. Manage Shared Device licenses
      1. What's new
      2. Deployment guide
      3. Create packages
      4. Recover licenses
      5. Migrate from Device Licensing
      6. Manage profiles
      7. Licensing toolkit
      8. Shared Device Licensing FAQ
  5. Manage storage and assets
    1. Storage
      1. Manage enterprise storage
      2. Adobe Creative Cloud: Update to storage
      3. Manage Adobe storage
    2. Asset migration
      1. Automated Asset Migration
      2. Automated Asset Migration FAQ  
      3. Manage transferred assets
    3. Reclaim assets from a user
    4. Student asset migration | EDU only
      1. Automatic student asset migration
      2. Migrate your assets
  6. Manage services
    1. Adobe Stock
      1. Adobe Stock credit packs for teams
      2. Adobe Stock for enterprise
      3. Use Adobe Stock for enterprise
      4. Adobe Stock License Approval
    2. Custom fonts
    3. Adobe Asset Link
      1. Overview
      2. Create user group
      3. Configure Adobe Experience Manager Assets
      4. Configure and install Adobe Asset Link
      5. Manage assets
      6. Adobe Asset Link for XD
    4. Adobe Acrobat Sign
      1. Set up Adobe Acrobat Sign for enterprise or teams
      2. Adobe Acrobat Sign - Team feature Administrator
      3. Manage Adobe Acrobat Sign on the Admin Console
    5. Creative Cloud for enterprise - free membership
      1. Overview
      2. Getting started
  7. Deploy apps and updates
    1. Overview
      1. Deploy and deliver apps and updates
      2. Plan to deploy
      3. Prepare to deploy
    2. Create packages
      1. Package apps via the Admin Console
      2. Create Named User Licensing Packages
      3. Adobe templates for packages
      4. Manage packages
      5. Manage device licenses
      6. Serial number licensing
    3. Customize packages
      1. Customize the Creative Cloud desktop app
      2. Include extensions in your package
    4. Deploy Packages 
      1. Deploy packages
      2. Deploy Adobe packages using Microsoft Intune
      3. Deploy Adobe packages with SCCM
      4. Deploy Adobe packages with ARD
      5. Install products in the Exceptions folder
      6. Uninstall Creative Cloud products
      7. Use Adobe provisioning toolkit enterprise edition
      8. Adobe Creative Cloud licensing identifiers
    5. Manage updates
      1. Change management for Adobe enterprise and teams customers
      2. Deploy updates
    6. Adobe Update Server Setup Tool (AUSST)
      1. AUSST Overview
      2. Set up the internal update server
      3. Maintain the internal update server
      4. Common use cases of AUSST   
      5. Troubleshoot the internal update server
    7. Adobe Remote Update Manager (RUM)
      1. Use Adobe Remote Update Manager
      2. Channel IDs for use with Adobe Remote Update Manager
      3. Resolve RUM errors
    8. Troubleshoot
      1. Troubleshoot Creative Cloud apps installation and uninstallation errors
      2. Query client machines to check if a package is deployed
      3. Creative Cloud package "Installation Failed" error message
    9. Create packages using Creative Cloud Packager (CC 2018 or earlier apps)
      1. About Creative Cloud Packager
      2. Creative Cloud Packager release notes
      3. Application packaging
      4. Create packages using Creative Cloud Packager
      5. Create named license packages
      6. Create packages with device licenses
      7. Create a license package
      8. Create packages with serial number licenses
      9. Packager automation
      10. Package non-Creative Cloud products
      11. Edit and save configurations
      12. Set locale at system level
  8. Manage your account
    1. Manage your Teams account
      1. Overview
      2. Update payment details
      3. Manage invoices
      4. Change contract owner
      5. Change reseller
    2. Assign licenses to a Teams user
    3. Add products and licenses
    4. Renewals
      1. Teams membership: Renewals
      2. Enterprise in VIP: Renewals and compliance
    5. Purchase Request compliance
    6. Value Incentive Plan (VIP) in China
    7. VIP Select help
  9. Reports & logs
    1. Audit Log
    2. Assignment reports
    3. Content Logs
  10. Get help
    1. Contact Adobe Customer Care
    2. Support options for teams accounts
    3. Support options for enterprise accounts
    4. Support options for Experience Cloud

Asset settings give an organization control over how its assets are shared outside the organization. The System administrator can select a restrictive setting that limits employees from using specific sharing features within Creative Cloud and Document Cloud. Asset settings are used along with other third-party organizational policy enforcement systems to ensure that assets are only shared with appropriate external entities.

You have three sharing restrictions policies to choose from:
  • You can keep this default setting whereby users are allowed to share public links and collaborate on shared folders with anyone inside or outside the organization.
  • Recommended for enterprises who trust their employees to have freedom, control, and access to every Creative Cloud and Document Cloud feature.
  • You can restrict public link sharing and many public publish options. See the tables under Deployment Options for details.
  • Recommended for enterprises who want to prevent public sharing but still want to allow invitation-based sharing with anyone inside and outside of the organization.
  • You can restrict invitation-based sharing to recipients in your org, claimed domainstrusted domains, and authorized domains. After you set this policy, the users are prevented from sharing organization-owned assets with external users who are not members of the org or in the list of allowed domains.
  • Recommended for enterprises who need tight control over which external domains can access organization assets.

The time taken to restrict sharing through Asset Settings is proportional to the number of users in the organization and the sharing relationships between them. For some Adobe products and services, it also involves invalidating cached entries in CDNs and removing preview images from slack. If the Asset Setting is changed, it can take up to 24 hours to fully take effect.

You also have two access request policies to choose from:

You can use this default setting to allow users with no permissions to a folder or document to request access to it.

For added privacy, you can use this setting to prevent users from requesting access to a document that has not been shared with them.

Note:

Asset Settings are not a digital rights management system (DRM) or a complete asset protection system. Employees with access to certain assets can still copy them and share with others outside the organization using third-party systems.

Deployment Considerations

Before you turn on sharing restrictions, consider the impact it has on your end users.

After you choose a setting, you cannot stop or reverse the consequent deletion process. If you choose No public link sharing, all existing public links are removed and users with these links can no longer access the linked content. If you choose Sharing Limited to Org Members and Trusted Users, any current external collaborators who are not part of the org or claimed, trusted or authorized domains lose access to content previously shared with them.

Below are the Creative Cloud and Document Cloud sharing and publishing functionalities that are impacted when you select No public link sharing or Sharing Limited to Org Members and Trusted Users.

Application

Impacted features

Application

Impacted features

Adobe Comp

Share, Send to Behance

Adobe XD

Invitations, Share link

Aero (mobile)

Publish link, Post to Behance

After Effects

Invite to Team Project, Invite to Library

Animate

Social share

Behance

Creating or updating projects or Work in Progress, Invitations

Capture

Share, Invitations

Creative Cloud (desktop and mobile)

Get link, Invitations

Creative Cloud Assets

Get link, Invitations, Share to Slack

Creative Cloud Libraries

Get link, Invitations, Share to Slack

Dimension

Generating public links

Fresco

Get link, Invitations

Illustrator and Illustrator Draw

Link to project, Invitations

InDesign

Publish Online, Share for Review

Lightroom

Not applicable

Photoshop (desktop)

Invitations

Photoshop (mobile)

Share to social

Photoshop Sketch

Link to Project

Portfolio

Access to Portfolio site, create drafts, and publish

Premiere Pro

Invite to Team Projects
Note:

You can't enable or disable Lightroom sharing on the Admin Console.

Learn more about enabling and disabling services.

Application

Impacted features

Application

Impacted features

Acrobat and Reader desktop apps

Share

Adobe Document Cloud for Microsoft Outlook

Share

Mobile apps (including Adobe Scan and Acrobat)

Share Link, Share Document Cloud Link

Web services (cloud.acrobat.com)

Share

Choose Sharing Options

To choose a restrictive Asset Setting for your organization, do the following:

  1. In the Admin Console, navigate to Settings > Asset Settings.

    Sharing Restriction Policy

  2. Choose a Sharing Restrictions Policy.

    You can choose from three levels of restrictions. Once you choose a more restrictive setting, you cannot stop or undo the loss of existing public links or shared folder or document collaborations.

    If you select Sharing Limited to Org Members and Trusted Users, ensure that you define your authorized domains. Any current external collaborators who are not part of the org or claimed, trusted or authorized domains will lose access to content previously shared with them.

    Note:

    To use the option Sharing Limited to Org Members and Trusted Users with Document Cloud, you must add your claimed and trusted domains to the Authorized Domains.

    Sharing Options

    Restrictions

    Impact on existing links and collaborations

    No restrictions

    Users are allowed to create public links and collaborate on shared folders and documents with anyone.

    No impact.

    No public link sharing

    Prevents users from creating public links.

    Deletes all existing public links. Once this process starts, you cannot stop or undo it.

    Sharing limited to org members and trusted users

    Prevents users from creating public links and restricts collaboration on shared documents and folders only to users in your org, trusted, claimed, or authorized domains.

    Deletes all existing public links and deletes all existing collaborations on shared documents and folders with users who are not in the org or an allowed domain. Once this process starts, you cannot stop or undo it.

  3. Click Confirm.

    If you want your users to continue sharing organization-owned assets with specific external organizations or individuals, do the following.

    • For an external organization such as an agency: Add the agency’s domain to the authorized list of domains under Asset Settings in the Adobe Admin Console.
    • For a freelancer: Issue the individual an Enterprise ID, or Federated ID from your organization. Or, add the user as a Business ID type to your organization on the Admin Console.
    Note:

    So as to provide benefits such as enterprise storage and other enterprise-level features, we are migrating all existing Adobe IDs to Business IDs. All new business customers will use Business IDs for their team members.

    You'll receive advance communication when your organization is scheduled for this upgrade. For more information, see Introduction to Business IDs and new storage features. Until your organization is migrated, you will continue to use Adobe ID type to access the organization. Support for Adobe IDs will then be reserved for individual customers only.

  4. Choose an Access Request Policy and click Confirm.

    By default, access requests are allowed.

    So, a user with the link to a shared resource, but without the permission to view it, can request access. Users with sharing permissions on the document receive notifications for each access request and can decide whether to grant or deny access.

    The requester receives a notification when the access is granted or denied.

    Access Request Policy

    Note:

    If you have a sharing limited to org members and trusted users policy selected, that restriction is applied when users attempt to grant an access request made by someone outside the organization. 

Authorized domains

Authorized Domains are the domains that are safe to collaborate with. If you have selected Sharing Limited to Org Members and Trusted Users, you can add domains to the Authorized Domains.

Add authorized domains

  1. In the Admin Console, navigate to Settings Asset Settings > Authorized domains.

  2. Click Add Domains.

  3. Enter the domains in the Add Domains dialog. You can add multiple domains separated by commas. Click Add.

    Note:

    You cannot authorize subdomains. For example, west.example.com and east.example.com are subdomains of the example.com domain.

    Note:

    To use the option Sharing Limited to Org Members and Trusted Users with Document Cloud, you must add your claimed and trusted domains to the Authorized Domains.

Remove authorized domains

To remove domains from the list, select the check box to the left of the domain names, and click Remove Domains. Then, click Remove to confirm.

The domain name is removed from the Authorized Domains. If the sharing option is Sharing Limited to Org Members and Trusted Users, any shares to the removed domain are revoked.

Remove an authorized domain

Caution:

Removing domains from the authorized list deletes all existing collaborations on shared documents and folders between users in that domain and the users in your organization. Once this process starts, you cannot stop or undo it.

Implications for users in multiple organizations

Adobe strongly recommends that a user only be a member of one organization. Where users must be members of multiple organizations, all organizations must have the same Sharing Policy and Allow Lists configured.

More like this

Adobe logo

Sign in to your account

Quick links

View all your plans Manage your plans

Legal Notices    |    Online Privacy Policy