User Settings: Granular/Custom User Access Level (Permissions)
Panyapol Panpho
Business Problem:
The current role-based permissions structure (Agent, Manager, Admin) does not provide enough flexibility for organizations with complex operational workflows. Many businesses — especially those with multiple internal departments — require fine-grained control over what each user can view, edit, or do inside the platform.
This leads to risks such as accidental customer replies, unauthorized data edits, or exposing sensitive information to users who should not have access.
Desired Outcome
- Introduce a granular permission system that allows workspace admins to customize access levels per user or per role. This should include the ability to enable or disable specific actions, modules, or permissions, such as:
- Access to Dashboard, Contacts, Messages, Snippets, Users & Teams (but not Workflows or advanced settings)
- Read-only access to conversations
- Restricting ability to reply to contacts
- Restricting ability to send files, surveys, or voice notes
- Allowing comments only for inter-team collaboration
Use Cases
- Multi-Team Operational Workflows
Some customers (e.g., online stores) have an operations team that reviews cases internally.
The desired flow:
- Customer care assigns a contact to the operations team
- Operations team reviews history
- Leaves internal comments
- Contact is returned to the agent
However:
- The operations team should not reply directly to the customer
- Replies must be text-only for some agents
- Operations team should have limited permissions (no surveys, no attachments, no voice notes)
- Restricting Access to Sensitive Contact Fields
- Currently, contact fields marked as hidden are only collapsed behind a dropdown — but are still accessible and editable.
- Organizations need stronger control over field visibility to protect internal or confidential data.
- View-only fields: Users (at least agents) should be able to see certain fields but not edit them.
- Fully hidden fields: Some fields should be completely invisible to certain roles (not displayed anywhere in the interface).
This is important for companies storing sensitive customer data (financial info, internal IDs, CRM-synced fields, etc.), where only a subset of users should have access or edit rights.
A
Alyaa See
Merged in a post:
Add dedicated access control for technical settings
M
Millat Hossin
Description
We need more granular permission control in Respond.io so we can restrict technical settings to a dedicated role. Right now, it would be helpful to separate access for: - Workflows - AI Agent configuration - Organisation settings - Channel settings. This would let us give day-to-day users access only to their operational tools, while keeping technical/admin settings limited to a small trusted team. It would improve security, reduce mistakes, and make role management easier for larger teams.
Use case:
We want managers or operators to handle broadcasts, inbox work, or reporting, without giving them access to workflow or technical configuration areas.
DEALIT Solutions
As a reseller, this restriction for specific role on each part of the system is important to prevent accidental change.
Please expedite this feature.
Thanks.
A
Alyaa See
Hi DEALIT Solutions , thanks for sharing your input.
We understand how important more granular role restrictions are for preventing accidental changes, especially for reseller use cases. We’ll continue tracking this request and keep you updated on any progress.
DEALIT Solutions
Alyaa SeeIt would be good if there's an interim solution while waiting for proper enhancement as business needs to go on. Security issue and accidental changes could cause business big loss if the ticket size is big.
DEALIT Solutions
Moreover, access control is pretty much a common things in today's world and I don't see the reason to work backwards with such an advance system in terms of UI and UX.
Hope this can be solved soonest. TQVM.
A
Alyaa See
Hi DEALIT Solutions, thanks for the context!
We’ll continue tracking granular permissions in this request. In the meantime, here are a few ways to reduce risk today:
- Restrict settings access: Assign users the Manager role with the Access to Workspace Settings restriction so they can work normally but can’t change settings, channels or integrations. You can also add the Contact Deletion restriction to prevent accidental contact removal.
- Use conversation-only access: For users who only need to handle conversations, assign the Agent role and scope Contact Visibility to their team or themselves.
- Separate clients by Workspace: If you manage multiple clients, placing each client in a separate Workspace helps limit the impact of accidental changes.
Our support team can help review the best setup for your account.
If these options don’t cover a specific scenario not already mentioned in the request, do let us know so we can factor it into the improvements.
A
Alyaa See
Merged in a post:
Access Management
Arshad Badul
Im looking to give my client access to inbox, contacts and reports only.
Current access levels work like this:
•
Agent
: Inbox/Messages only•
Manager
: Inbox, Contacts, Reports, and more•
Owner
: full access except billingIm looking for:
Manager: Inbox, Contacts, Reports ONLY.
Kutay Duran
+1, this is badly needed.
Specific pain point: there's no way to restrict which channels a user can see in the "message composer's channel dropdown". Every agent sees every active channel in the workspace, regardless of role or team.
Real scenario: sales team where each rep has their own WhatsApp (Coexistence) channel for QA monitoring. Any rep can accidentally (or intentionally) send a message to their own customer FROM another rep's channel, because the dropdown shows all channels to everyone. This causes customer confusion and accountability issues.
Multi-workspace isn't a real solution because it breaks centralized QA, reporting, and contact management. We need either:
- Per-user channel access control in Advanced Restrictions, OR
- Channel-to-Team assignment (so channels not assigned to a user's team don't appear in their composer)
Please move this up the priority list. The Calls permissions you shipped in May 2025 were great, same logic needs to apply to messaging channels.
A
Alyaa See
Hi Kutay Duran, thank you for the detailed request.
We’ve noted your feedback and will keep you updated on any progress on this request.
N
Nabilah Binti Salleh
Merged in a post:
Configuration: create custom role.
J
Jesús Cadena
Create the option of configuring a role with personalized permissions for different levels of the organization, for example, managers who should only see their work team, but also see dashboards, nowadays a manager can see everything that is in a workspace and this makes it difficult to clarify the information of their specific team when there is more than one business entity in the same workspace.
CALLJ1
I really need this feature! It is very useful
N
Nabilah Binti Salleh
Merged in a post:
Additional fields with viewing/hidden permissions only
Agust N Ignacio Palomo
Contact fields, when set as hidden, are only hidden behind a drop-down, and you can still access them to modify them, but you would need one of the following two functions:
- Fields with visibility only without editing permission (at least for the agent role).
- Fields that can be completely blocked from being accessed, without the possibility of seeing them in the interface (at least for the agent role).
Adil Khan
Please add team-scoped manager visibility so managers can view only their team’s messages and contacts rather than the entire workspace; include a permissions tab to choose access scope (Full workspace vs Tagged team(s)), and introduce one additional role level between User and Manager (e.g., Supervisor/Team Lead) for finer access control and approvals.
J
Joe Chen
We need to have agent setting level can view contact list base on team setting and broadcast message also available on agent setting or we can set additional layer permission between agent and manager.
Rosario Honorato Saxton
For compliance, it is urgent that users can be profiled so that they handle only the customer information that corresponds to them. And you can grant different permissions for each profile
Load More
→