A repository user 'agent' is a member of the 'administrators' repository group. Administrators has every Privilege including "Manage Templates and Fields".
On the field 'Permit Status' workflow, connecting as agent, gets this error. The data assigned to field 'Permit Status' is not valid 9013 [Access denied. [9013]] [0265-WF10]
That should only happen if the data does not meet constraints on the field. There are no constraints, the token value can be pasted into the field and saved in the client as a different user.
I assigned edit field permission explicitly to agent and voila the workflow errors went away. This goes against everything I understand about Laserfiche security.
Help me understand what went wrong here. Why wasn't "Manage Templates and Fields" sufficient? Why did I have to add agent explicitly on one field? Every other field is fine.