Non authorized users (containing asset role) having access to Flow DesignerIssue Users who have the asset role are able to access the Flow Designer application. Even though these users were added to a group that doesn't have any of the Flow Designer roles, they are still able to access the application.CauseUpon investigation, it was discovered that the user's profile included the flow_operator role, which allowed them to access the Flow Designer application. The flow_operator role was added to the user's profile because the group they belong to had the asset role assigned to it. The asset role included the category_manager role, which in turn included the model_manager role, the catalog_editor role, and finally the flow_operator and flow_designer roles. As a result, the flow_designer roles were added to the user's profile. See below role containing hierarchy for reference. Asset ➔ category_manager ➔ model_manager ➔ catalog_editor ➔ flow_operator and flow_designerResolutionReviewing the roles hierarchy and removing the non required flow designer roles would resolve the issue.Related LinksFlow designer application could be accessed through below three roles: flow_designer, flow_operator and action_designer Refer to User access to Flow Designer on flow designer roles.