Previous
AppearanceNext
Billing & SubscriptionMembers & Permissions
Manage who has access to your workspace and what they can do.
The Members & Permissions settings let you control access to your workspace through role-based permissions and default access policies. Configure who can join, what roles they receive, and how permissions are applied to new content.
To access these settings, go to Settings in the sidebar, then select the Access & Permissions tab.
Default Record Permissions
Control the default visibility for newly created records:
| Setting | Description |
|---|---|
| Private | Only the creator can access new records |
| Team | The creator's team can access new records |
| Organization | The creator's organization can access new records |
| Space | All space members can access new records |
These defaults apply when users create new issues, documents, files, and other records. Users can always adjust permissions on individual records.
Role Management
Built-in Roles
Your workspace includes these default roles:
| Role | Description |
|---|---|
| Space Owner | Full ownership of all records in the space. Cannot be modified. |
| Administrator | Full access to all features. Can manage the workspace but cannot archive or delete the space. |
| Contributor | Can create and edit items, and manage teams. |
| Approver | Can view and approve items, but cannot create or edit. |
| View Only | Read-only access to all items. |
| Disabled | No access (for suspended accounts). |
The Space Owner role is locked and cannot be modified or deleted.
Permission Categories
Permissions are organized into resource categories with specific actions:
| Category | Available Actions |
|---|---|
| Documents | Create, Read, Update, Delete, Publish, Archive, Rename, Move, Duplicate, Version, Share, Comment |
| Files | Create, Read, Update, Delete, Archive, Rename, Move, Duplicate, Version, Share, Comment |
| Issues | Create, Read, Update, Delete, Archive, Assign, Share, Comment |
| Meetings | Create, Read, Update, Delete, Archive, Share, Comment |
| Milestones | Create, Read, Update, Delete, Publish, Comment |
| Database Schema | Create, Read, Update, Delete, Archive, Share, Comment |
| Database Entry | Create, Read, Update, Delete, Archive, Comment |
| Space | Update Settings, Invite Members, Remove Members, Manage Teams, Manage Organizations, Raise Support, Archive, Delete |
Permissions follow the format resource:action (e.g., document:create, issue:update).
Custom Roles
Create custom roles for specific needs:
- Go to Settings > Access & Permissions
- Click Add Role
- Enter a role name and description
- Select the permissions to include
- Click Save Role
Assigning Roles
Roles can be assigned at multiple levels:
| Level | Description |
|---|---|
| Space | Default role for all space members |
| Organization | Role for all members of an organization |
| Team | Role for all members of a team |
| Individual | Role override for specific members |
Lower-level assignments override higher-level ones.
Permission Inheritance
Permissions flow through the hierarchy:
- Space Role - Base permissions for all members
- Organization Role - Override for organization members
- Team Role - Override for team members
- Individual Role - Override for specific users
- Record Access - Per-record permissions (Owner, Editor, Viewer)
A user's effective permissions combine their role permissions with any record-specific access.
Troubleshooting
User can't access a record
Check these in order:
- Is the user a space member?
- Does their role have the required permission?
- Does the record's visibility allow access?
- Are they explicitly added to the record's access list?
User has unexpected access
Review:
- Their assigned role at each level
- Any role overrides
- Record-specific access grants
- Team and organization memberships
Next Steps
- Team Management - Manage team structure
- Roles & Permissions - Deep dive into permissions
- Overview - Learn about spaces