Users & Permissions

📌 Roles & Permissions Changing Automatically With New Features (Creating a Management Nightmare)
I need to raise this as a critical issue rather than just an idea: It seems that whenever new features are introduced (or existing ones are enhanced), permissions are automatically being enabled across existing roles without the account owner being notified or given the choice. For example: We carefully roll out features like the AI Agent for clients, with strict role-based access in place. Later, we discover that team members or third-party users (who should have minimal permissions) suddenly have full access to make changes—simply because a new update gave them that ability by default. 📌 This has resulted in clients’ set-up work being disrupted multiple times a week. This kind of behind-the-scenes change creates: 📌 Operational risk (users unintentionally breaking workflows) 📌 Security concerns (granting privileges that were never intended) 📌 A heavy management burden (we have to manually re-check permissions daily to ensure nothing broke). Request: Please, moving forward, do not auto-enable new permissions across existing roles. Instead: 📌 Default new permissions to “off” unless explicitly granted by the account admin 📌 Provide clear release notes or alerts so account owners can decide how and when to adjust access Our customers are understandably upset when their workflows get disrupted, and it places avoidable strain on agencies and business owners trying to manage users responsibly. This feels like a bug in role/permission handling rather than a feature request. Thank you for taking this seriously and helping us protect both our clients and your platform’s stability.
1
📌 Add Role-Based Permissions + Team Management for Marketing Teams in Sub-Accounts
GoHighLevel currently handles user permissions individually within each sub-account — with Admin and User types, and manual permission toggles. As marketing agencies, multi-client setups, and education businesses with internal marketing teams grow, this gets tedious, prone to human error, and limits scalability. We need a smarter, team-oriented permission system. 🎯 Feature Request: Marketing Teams + Roles System 📌 Roles Predefined permission profiles like: Marketing Admin Marketing Manager Campaign Specialist Content Creator Ads Manager Each Role would define: What areas they can access (CRM, Conversations, Opportunities, Campaigns, Ads, Reporting, etc.) What actions they can take (View, Create, Edit, Delete) What records they can access (All, Owned, or Team-based) 📌 Marketing Teams Groups of users organized by team responsibilities and roles. Example: “Facebook Ads Team” → 3 users with the Ads Manager role “Lead Nurturing Team” → 2 users with the Campaign Specialist role “Marketing Managers” → oversight across all teams Teams can be assigned to: Pipelines Ad Accounts Campaign Projects Automations Opportunities Dashboards Leads and opportunities should be assignable to Marketing Teams as well as individual users. ✅ Why This Matters 🚀 Faster onboarding: Assign a role, drop them into a team 📊 Easier scaling: Manage permissions by role or team, not one by one 🏢 Multi-client and agency ready: Control who works on what without risking account-wide access 📈 Cleaner reporting: Track both individual and team marketing performance 🔒 Better security: Consistent, reliable permission structures, reducing errors and overexposure 📊 Comparison to Current System: Current GHL User-level manual permissions No teams, only individual users Lead/campaign assignment to individuals only User-based reporting only VS Proposed System Role-based permissions with inheritance Group users into Marketing Teams (e.g. Ads Team, Nurturing Team) Assign leads, opportunities, and campaigns to Teams Individual + Team-based performance reporting
0
Load More