All Users group not having access to custom resource (REST API)

Current plan level (Free, Team, Business, or Enterprise: https://retool.com/pricing): Free
Monthly/Annual (if Team or Business):
Version of Retool (if self-hosted):

Question / Description:
I have created a resource that is of type REST API which is pointing to another website & application. However users that are only members of ‘All Users” permission group… are unable to execute the REST API, a permission error is thrown.
Yes, I am aware that as a ‘Free’ account I am not able to adjust the permission setting on that resource. However, when looking at plan comparisons there is a tick in “Connect to all databases and APIs” under the Resources section. Retool | Pricing
Like wise in the design mode, when the resource is added to the page there is a option under ‘Advanced’ to set the ‘Access controls’ on the REST API resource, this has zero effect as well.

This leads me to believe that the ‘All Users’ group not having use permission on any custom resources that do not ship out of the box from retool is the issue and will override anything else I try, not having a paid plan prevent me from changing the permission.

Is this correct?
Is this expected behaviour?
Where does the documentation make mention that customer resource are not inscope or auto assigned to the ‘All User’ permission group?

Thanks,

L-J

Hello @kiwigas L-J, I saw that you were directed here by our Customer Service Representatives, welcome to the Community!!

Hmm you and all your users should be able to add, edit, and remove resources according to this doc.

Screenshot 2025-12-23 at 3.52.12 PM812×375 38.3 KB

Also just to double check, did you by any chance downgrade from another plan recently?

Hi,
no this is a new Retool instance / account, I then migrated the application from another retool instance/account into this current one. Both are on ‘free’ plan. My mistake when testing is everybody that tested was part of the ‘admin’ group. .

This morning I recreated the REST API resource from scratch and tested it. However I suspect it will behave the same as the previous one due to the fact that the system does not set the permission on the resource automatically for the ‘all users’ group.

I have included some screen shots below to show setups & behaviour…

image1270×821 49.8 KB

image1322×379 24.1 KB

image690×482 34.6 KB

image801×591 43.4 KB

Using the ‘resource’ in a execution as a user in the ‘admin’ group the new api executes with no permission issues.

image620×1091 90.4 KB

@kiwigas Thanks for waiting, and thank you for the screenshots, they are really helpful!

We have seen a couple of similar situations before and are currently collecting more information and investigating. May I know when your org was created?

In the meantime, I can temporarily upgrade you to a Business trial so you can check the boxes for all users. Once you are done, let me know and I will make sure the Business trial does not end before you finish fixing it.

Thank you!

HI @ChiEn ,
thanks so much for doing that. I have updated the permissions for the ‘All Users’ group. See below.

I will my team member to test the use of the API with their ‘non admin’ account.

image432×569 28.1 KB

Yes test it out and let me know! @kiwigas
Also, may I know when your org was created?

Hi @ChiEn ,
I have confirmation that enabling the API for the ‘All Users’ group worked, the user was able to trigger the API. Thanks.

By ‘your org created’, I am going to assume the Retool account signup & importing of the application from a previous build subscription. That was around 13 to 17 Oct 2025.

Good to hear everything is working now, and thanks for sharing the details about your Retool account signup!