# How to Set Access and Permissions in your ClickUp Hierarchy ## Метаданные - **Канал:** ClickUp - **YouTube:** https://www.youtube.com/watch?v=T91M5FRT1lA - **Дата:** 14.05.2026 - **Длительность:** 9:56 - **Просмотры:** 157 ## Описание Learn how to control who sees what in your ClickUp Workspace by setting access and permissions at every level of the hierarchy. In this video, we'll walk you through how permissions work across Spaces, Folders, Lists, and Tasks so you can keep your workspace secure while giving your team the access they need. You'll learn how permissions cascade through the ClickUp hierarchy, the difference between Workspace roles and Space-level permissions, how to set custom permissions at the Space, Folder, and List level, how to share individual tasks, Lists, or Folders with specific people or guests, and best practices for managing access as your workspace scales. #ClickUp #Permissions #WorkspaceManagement #ProjectManagement #ClickUpUniversity ## Содержание ### [0:00](https://www.youtube.com/watch?v=T91M5FRT1lA) Segment 1 (00:00 - 05:00) Have you ever built out a perfect ClickUp setup only to discover that team members are creating duplicate custom fields, conflicting statuses, or accidentally deleting critical tasks? In this video, I'll show you how to set access and permissions in your hierarchy so the right people can do the right work and your workspace stays organized. By the end, you'll know exactly which security settings to tweak from 2FA and SSO to roles, guests, and who has access to statuses, custom fields, and views. This way, your workspace stays organized, secure, and scalable as your team grows. Before we start clicking into settings, let's get on the same page with two concepts: hierarchy levels and roles. In ClickUp, your work lives in a hierarchy from workspace, which is the top level, down to spaces, then folders, lists, and finally tasks. On top of that, people have different roles like owners or admins, members, and guests. Owners and admins can manage highle settings. Members do the day-to-day work, and guests are typically external collaborators you've invited. Here's the key. The higher you are in the hierarchy, the more work you can impact. For example, if someone creates a custom field at the space level, it cascades to every folder list and task below it, which is how custom field bloat happens. If you can access workspace settings, you likely have a member or admin role. And what you can edit depends on your permissions. Some settings are owner only, which we'll tackle later on. First, secure how people log in. In your workspace settings, head to security and permissions and start with two-factor authentication or 2FA. Enable 2FA for your workspace and ensure your team turns it on using SMS codes or a Google authenticator style app. We recommend an authenticator app, especially for teams who travel because it doesn't depend on your phone number or roaming. If you're on a business plan or higher, you'll see single sign on or SSO. You can require SSO, so users sign in through your identity provider like Octa or Azure AD instead of email and password, giving you centralized control over access. On enterprise plans, you'll get advanced options like Microsoft SAML and automatic user provisioning. So, new teammates are created and managed directly from your identity system. Finally, configure session management. Set a reasonable idle time so when active sessions log out automatically. This is a small tweak that closes a big security gap. A common best practice is an idle timeout of 30 minutes for stricter security, so inactive sessions automatically log out and reduce the risk of unauthorized access. This is especially important if team members work from shared spaces or coffee shops. Next, let's control who's actually allowed in your workspace. In the same settings area, review your invite permissions. Decide who can invite new people and whether they can invite them as members or as guests only. Guests are perfect for clients or external collaborators where you have granular control over what they can see and do. You can restrict them to specific folders, individual lists, or even specific tasks, and their permissions are intentionally limited compared to full members. If you'd like a full walkthrough of how to set up and manage guests in ClickUp, I've got a separate video just for that. I'll link it up here on screen and down in the description for you. Now, let's tackle the most powerful tool for preventing workspace chaos, roles and custom permissions. This is where you define exactly what different types of users are allowed to do. In this view, you'll see a new role button if you have permission to manage custom roles. By default, only workspace owners have this ability, but owners can delegate it by enabling the manage custom roles permission in any custom role they create. On a business account, you can create one custom role. On enterprise, you can create unlimited custom roles. That's why a lot of larger teams prefer enterprise. They can define granular roles like admin, super admin, limited member, and more. Each with very specific permissions. Each role comes with a long list of toggles. Some options are grayed out for certain built-in roles, especially guests, which means you simply cannot expand what they can do. That's by design to keep guests limited and safe. There are a lot of permission toggles you can play with, but let's focus on the high impact ones you should get right from day one. Statuses, custom fields, views, and delete rights. First ### [5:00](https://www.youtube.com/watch?v=T91M5FRT1lA&t=300s) Segment 2 (05:00 - 09:00) edit statuses. New members often want to dive in and create their own status workflows, which sounds great until every team has completely different statuses and your data is a mess. A good best practice is to limit who can edit statuses at the start. Keep your core statuses simple and consistent across teams. If someone needs highly specific steps, use a drop- down custom field instead of adding 10 more statuses. Next, custom fields. They're powerful, but they can clutter your workspace fast. Turn off manage custom fields for brand new members and keep that ability for team leads or process owners. And remember, if you create a custom field at the list level, it shows up on every task in that list. If you create it at the space level, it shows up on every task in every folder and list in that space. Multiply that a few times, and your tasks fill up with fields nobody uses. For views, shared views are turned off for many roles by default, and that's usually a good thing. You don't want every new teammate adding public views that clutter things. Instead, set up a few standard team views, maybe one overall board, one timeline, or Gant view, and then let individuals create as many private views as they want for their own workflow. Private views are basically your own personal views in ClickUp. Only you can see them, unless you decide to share them with specific people. They're great for your own filters, groupings, and layouts. Maybe a simple view of just your tasks or a reporting view with the metrics you want to see. all without changing what the rest of the team sees. And finally, check the delete items permission. By default, users can typically delete only the things they created themselves. That's a safer starting point than letting everyone delete anything. There's also a few advanced permissions you'll want to remember as an admin. First, with request access. This keeps things usable when locations are private. If someone tries to open a space, list, or view they need but don't have access to, they can request access instead of getting stuck. Next, if you're on enterprise, you can enable make new spaces private, so every new space starts private by default and only admins or owners can switch it to public later. This helps prevent sensitive spaces from accidentally being wide open. That's especially important if you have spaces for hiring pipelines, salary planning, or executive OKRs. Also, on enterprise, owners can allow admins to manage private custom fields. So, admins can see and edit private fields across the workspace for cleanup and standardization. Private attachment links require people to be logged into your workspace to open attachment URLs, which helps protect sensitive files like contracts, creative assets, and internal docs. Account authenticated forms ensure only people who've joined your workspace can view and submit forms, which is ideal for internal requests like IT tickets or HR requests. If someone outside your workspace opens the link, they'll be prompted to sign in or they won't be able to access the form. On enterprise, block public sharing helps you reduce public link risk by limiting things like never expiring links and public template sharing. So public links don't stay active indefinitely without oversight. And finally, if you're on enterprise, don't skip the publicly shared items section. This is your workspace level audit list of anything that's been shared outside your organization with a public link. Here you can search for shared items, see who shared them, and see when they were shared. And if you ever need to lock things down fast, you have two options. Stop sharing a single item, which instantly disables that public link, or use stop sharing all to turn off public sharing across the entire workspace all at once. This is especially helpful for security reviews, leadership requests, or anytime you want to make sure nothing sensitive is accidentally available outside of ClickUp. And that's how to set access and permissions in your ClickUp hierarchy. Secure login with 2FA and SSO. Control who can join and what guests can see. Use roles and custom permissions to define responsibility. And lock down the key toggles for statuses, custom fields, views, and deleting items. Take a few minutes after this video to open your security and permissions settings and walk through each area we covered. Tightening things up now keeps your workspace clean, secure, and a lot easier to scale as your team grows. --- *Источник: https://ekstraktznaniy.ru/video/50809*