diff --git a/onadata/apps/main/models/meta_data.py b/onadata/apps/main/models/meta_data.py
index ccaba26e25..580cd6705a 100644
--- a/onadata/apps/main/models/meta_data.py
+++ b/onadata/apps/main/models/meta_data.py
@@ -38,6 +38,7 @@
     TEXTIT_DETAILS,
     XFORM_META_PERMS,
 )
+from onadata.libs.utils.project_utils import propagate_project_permissions_async
 
 ANONYMOUS_USERNAME = "anonymous"
 CHUNK_SIZE = 1024
@@ -139,6 +140,11 @@ def unique_type_for_form(
             result.extra_data = extra_data
             result.save()
 
+        kpi_url = getattr(settings, "KPI_FORMBUILDER_URL", None)
+        if metadata_created and kpi_url and kpi_url in result.data_value:
+            project = result.target_object.project
+            propagate_project_permissions_async.apply_async(args=[project.pk])
+
     if data_file:
         if result.data_value is None or result.data_value == "":
             result.data_value = data_file.name
diff --git a/onadata/libs/utils/project_utils.py b/onadata/libs/utils/project_utils.py
index 3fe2392a2d..a9acfcc550 100644
--- a/onadata/libs/utils/project_utils.py
+++ b/onadata/libs/utils/project_utils.py
@@ -20,14 +20,8 @@
 from onadata.apps.api.models.team import Team
 from onadata.apps.logger.models.project import Project
 from onadata.celeryapp import app
-from onadata.libs.permissions import (
-    get_role,
-    is_organization,
-)
-from onadata.libs.utils.common_tags import (
-    API_TOKEN,
-    ONADATA_KOBOCAT_AUTH_HEADER,
-)
+from onadata.libs.permissions import get_role, is_organization
+from onadata.libs.utils.common_tags import API_TOKEN, ONADATA_KOBOCAT_AUTH_HEADER
 from onadata.libs.utils.common_tools import report_exception
 from onadata.libs.utils.model_tools import queryset_iterator
 
@@ -178,12 +172,15 @@ def propagate_project_permissions(
 
         # Propagate permissions for XForms that were published by
         # Formbuilder
+        kpi_url = getattr(settings, "KPI_FORMBUILDER_URL", None)
         for asset in project.xform_set.filter(deleted_at__isnull=True).iterator():
             if (
-                asset.metadata_set.filter(
+                not asset.metadata_set.filter(
                     data_type="published_by_formbuilder", data_value=True
-                ).count()
-                == 0
+                ).exists()
+                and not asset.metadata_set.filter(
+                    data_type="source", data_value__icontains=kpi_url
+                ).exists()
             ):
                 continue
 
@@ -198,8 +195,20 @@ def propagate_project_permissions(
                     }
                 )
 
+            asset_uid_url = (
+                asset.metadata_set.filter(
+                    data_type="source", data_value__icontains=kpi_url
+                )
+                .first()
+                .data_value
+            )
+            match = re.search(r"assets/(.+?)\.json", asset_uid_url)
+            asset_uid_from_url = None
+            if match:
+                asset_uid_from_url = match.group(1)
+
             assigned_permissions = retrieve_asset_permissions(
-                service_url, asset.id_string, session
+                service_url, asset_uid_from_url or asset.id_string, session
             )
             new_users = [
                 username
@@ -223,7 +232,7 @@ def propagate_project_permissions(
             if new_users:
                 assign_change_asset_permission(
                     service_url,
-                    asset.id_string,
+                    asset_uid_from_url or asset.id_string,
                     new_users,
                     session,
                 )