Preflight profile in Action Wizard

Question

Using the Action Wizard, I am trying to setup an action that initiates a Preflight profile to flatten digital signatures in all PDF files located in a folder. The Preflight profile consists of a custom fixup that targets type:Signature form field and applies action:Flatten.

The Preflight profile works as intended when run normally via the Preflight menu, however, it does not work when it is added to the Action Wizard. Specifically, I receive the error: "Preflight is unable to perform any fixups on this document as its author did not grant the necessary permissions." So, it seems that by running the Preflight profile normally it somehow bypasses the security settings to apply the fixup but this is skipped when running via Action Wizard.

I have tried adding a "Save" action before the Preflight is run to no avail.

Does anyone have suggestions on how to solve this issue? Thank you in advance for your time.

Tariq Ahmad Dar · Accepted Answer

Hi ​@Henrik_R,Thank you for the detailed description — this is a known behavioral difference between interactive Preflight and Action Wizard, and the reason is intentional rather than a bug.WHY THIS HAPPENSWhen Preflight runs manually, Acrobat surfaces a confirmation dialog before applying fixups to a signed document: "Applying fixups may invalidate existing digital signatures.  Do you want to continue?"Your explicit confirmation is what grants the runtime permission to proceed. Action Wizard runs in a non-interactive batch context and does not surface this dialog. Without that acknowledgment, Acrobat enforces the document's signature-based permissions and returns the error you're seeing. This is by design — batch processing cannot silently override the integrity protections that digital signatures are specifically built to enforce.This is separate from password-based document security. The restriction is enforced by the PDF's DocMDP (Document Modification Detection and Prevention) entry, which is set by the signer at certification time to define what changes are permitted after signing. It is an ISO 32000 standard mechanism, not an Acrobat-specific one.WHAT TO CHECK FIRSTIf your PDFs have both password-based security restrictions AND signature restrictions, adding a "Remove Document Security" step as the first step in your Action Wizard will resolve the password layer. This is a built-in Action Wizard step and appropriate to use here.To check what type of restriction is in place: Open a PDF > File > Properties > Security tab Review the Document Restrictions SummaryIf the restrictions listed are under "Security Method: Password Security," the Remove Document Security step resolves this.If the restrictions are tied to the digital signature itself (you will see a note about certification or signature permissions), that is DocMDP-enforced and is handled differently — see below.THE CORRECT SOLUTION FOR DOCMP-RESTRICTED DOCUMENTSFor documents where the restriction is signature-enforced, the architecturally correct answer is to restructure the workflow: signature fields should be flattened before the document is signed, not after.Flattening after signing is what creates this conflict — the document's integrity has already been certified, and any structural modification (including flattening) is by definition a post-certification change that the DocMDP mechanism is designed to flag or block. This is not a limitation of Action Wizard specifically; it is the signature's own protection working as intended.If flattening before signing is not feasible for your workflow, and you have a legitimate business requirement to process these documents in batch, we would recommend:1. Opening a support case at https://helpx.adobe.com/contact.html so our team can understand your specific document type and signing context. Some configurations have options that are not appropriate to detail in a public thread.2. Submitting this as a feature request via the feedback link in Acrobat — specifically, a request for Action Wizard to include an explicit "allow signature invalidation" acknowledgment step, which would bring the batch path in line with what interactive Preflight currently offers. This is a reasonable gap in the current implementation.Please share the results of the Security tab check and let us know whether flattening before signing is an option in your workflow — that will help us point you in the right direction.For a deeper look at how digital signature permissions work in PDF — including how DocMDP controls what changes are permitted after signing — Adobe's technical guide on digital signatures in PDF is a good reference: https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/Acrobat_DigitalSignatures_in_PDF.pdfThis behaviour is governed by the PDF specification's DocMDP (Document Modification Detection and Prevention) mechanism, which the certifying signer sets at the time of signing. Adobe's published guide on digital signatures in PDF covers this in detail if you'd like to understand the full permission model: https://www.adobe.com/devnet-docs/acrobatetk/tools/DigSigDC/Acrobat_DigitalSignatures_in_PDF.pdf~Tariq

lori34rhode · Answer

When you run a Preflight fixup manually, Acrobat treats it as an explicit, user-initiated action and temporarily elevates permissions to modify the documentstructural layer (including digital signatures). However, when executed via the Action Wizard (batch processing), Acrobat strictly enforces document security and signature integrity policies to prevent automated, silent tampering of signed documents. Because flattening a signature technically alters the document's certified state, the automated engine blocks it with that permission error.

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded