Form URLs behind Workspace authorization
Brent
Hey everyone!
We've heard feedback from users who want Forms to require authentication before someone can access or submit them.
Right now, Forms in ClickUp are public by default and can be accessed by anyone with the link. While this makes it easy to collect responses, it may not meet the requirements of some teams or industries.
We're using this post to track interest in a setting that would allow admins to restrict Form access to logged-in Workspace members.
If this is important to your team, please upvote and share your use case in the comments so we can better understand your needs and prioritize accordingly.
Log In
Marcia Dias Ramos
This is a security issue that should be treated with the seriousness it deserves. Many users may be unaware that their forms are publicly accessible. Forms are assets, and as such, should be private by default.
This issue could significantly impact our decision to continue using the platform.
It’s important to note that this concern was raised years ago (https://clickup.canny.io/feature-requests/p/dont-make-attachments-available-externally-via-url-unless-specifically-set). While part of it was addressed, clips and forms were excluded from the fix. Given the number of votes on that original request, this shouldn’t require a new feature ticket—it should be seen as an incomplete resolution.
Security-related items like this should not be relegated to a community feature request. They should be escalated directly to Product Development and prioritized accordingly.
Микита Морозов