Limit what different user roles can do in your Workspace. Set granular permissions and security settings for guests, members, admins, and custom roles.
What you'll need
-
Private attachments are available on all ClickUp plans.
-
Business Plus and Enterprise Workspaces include custom permissions.
-
Admins can manage private Spaces and block public sharing in Enterprise Workspaces.
-
Members and guests cannot configure advanced permissions.
Edit advanced permission actions
Workspace owners and admins can configure advanced permission actions. To do so:
-
Click your profile avatar in the lower-left corner.
-
Select Security & Permissions.
-
Scroll down to the Advanced permissions section.
-
Toggle on or off the different permission actions for each user role:
|
Permission action |
Description |
|
Add/Remove Members |
Gives the user the permission to add or remove members to the Workspace. |
|
Git |
Allows the user to see and open the Github/Bitbucket/Gitlab modal on tasks and use all the features within it. |
|
Edit Statuses |
Gives the user the permission to create, edit, and delete statuses. If you have Edit Statuses toggled on, but Delete Items off, you will not be able to delete statuses. |
|
Manage Custom Fields |
Gives the user the permission to create, edit, and delete Custom Fields. If you have Manage Custom Fields toggled on, but Delete Items off, you will not be able to delete Custom Fields. |
|
Manage Tags |
Gives the user the permission to create, edit, and delete tags. If you have Manage Tags toggled on, but Delete Items off, you will not be able to delete tags. |
|
Send Email (Email ClickApp) |
Gives the user the permission to send emails using the Email ClickApp. The Add Email Accounts permission must be enabled before you can toggle this permission on. |
|
Add Email Accounts (Email ClickApp) |
Gives the user the permission to add authorized email accounts using the Email ClickApp. Toggling this on automatically enables the Send Email permission, but any combination of the two permissions can be set. |
|
Custom Roles |
Gives the user the ability to create, edit, delete and manage all custom roles. Users with this permission by default have access to all permissions. Only custom admins can be granted this permission. |
|
Create Spaces |
Gives the user the permission to create Spaces in the team Workspace. |
|
Create Views |
Gives the user the permission to create and edit views on locations. When toggled off, full Members can still create personal views. |
|
Delete Items |
Gives the user the permission to delete items. Optionally, you can have it so they can only delete tasks they create. |
|
Exporting |
Gives the user permission to export via the Workspace export setting. |
|
Importing |
Gives the user permission to import tasks via the Workspace import settings. |
|
Invite Guests |
Gives the user the permission to invite guests |
|
Workspace Integrations |
Gives the user the permission to setup any third party Workspace integrations. |
|
Workspace Permissions |
Gives the user the permission to change Workspace level permissions like (2FA, Public Sharing, SSO). |
|
Pinned Custom Fields |
Gives the user the ability to pin a Custom Field. Pinned Custom Fields are pinned across the Workspace wherever that field is being used. |
Allow admins to manage private Spaces
Workspace owners on the Enterprise Plan have the option to allow admins to manage private spaces, like transferring ownership, adding, and removing people from private Spaces.
To ensure privacy and security are preserved, users can choose to prevent the management of Spaces they own by disabling the Allow admins to manage this Space setting for their spaces.
- When Allow admins to manage this Space is disabled for the Space, admins only see the owner of the private Space. The Transfer ownership button is disabled.
- When Allow admins to manage this Space is enabled for the Space, admins will see the Space name and the Space owner. Admins can add or remove users to the Space and Transfer ownership.
Private attachments
Toggle on Private attachments to make attachment links automatically expire an hour after the link has been generated.
New links to an attachment will be generated each time that a task has been opened or exported to ensure that no unwanted links remain accessible after your work is complete.
Note: Setting attachments as private only applies to new attachments added after the feature has been turned on.
Block public sharing
In Enterprise Workspaces, admins can toggle on Block public sharing to increase security in three different ways:
-
Disable sharing links over 1 year
-
Disable never expiring links
-
Disable Public Template Sharing
Note: Blocking public sharing does not prevent sharing of attachment URLs.
Updated
Most viewed articles