Understanding Organization Permissions

Every Member within an Organization will have a Role and an Account Type associated with their account. 

This controls what they are able to access and how they are able to interact with any Teams, Projects, Files, Libraries or Fonts.

In this article, we will cover:

  1. Roles within the Organization
  2. Account Types

Learn more about adding and updating Roles and Account Types in our Managing Organization Members article.

Roles within the Organization

Once a Member is added to a Team, you can control what level of access they have to the Organization, and the Projects, Files and Resources shared within it.

There are two main levels of access, or Roles, within an Organization:

  1. Member
  2. Admin
  3. Guest

Member

Members are any users that have been added to an Organization. They have an email the matches the company or Organization's domain (e.g. staffmember@organization.com). 

Members are able to:

  • View and comment on any files and projects within the Teams they are a specific member of.
  • View a list of all (Open and Closed) teams within the Organization.
  • Access any resources (Files, Styles, Components and Shared Fonts) that have been made available within the Organization.

Admin

Admins are a subset of Member that have additional administrative rights within the Organization. 

Admins are able to:

  • View and update detailed information around Billing, Teams, Members, Libraries and Shared Fonts.
  • Control Roles and Account Types for all users within an Organization.
  • Define which Shared Resources (Styles, Libraries and Shared Fonts) are available to the Organization, by default.
  • View and filter Activity Logs.

Admins aren't able to:

  • Access every Team within your Organization. Admins will need to be added to a Team to be able to access any Projects, Files and Shared Resources within it.
  • Enable Libraries within a Team, or across the Organization. Admins will need to be Full members to enable Libraries.

Guest

Guests are users that have been given access to specific Resources within an Organization. These could be external contractors, collaborators, or other company employees that don't require access to the entire Organization. 

Anyone added to the Organization, with an email address that doesn't match the registered domain(s), will be automatically added as a Guest.

Guests can only access any Teams, Projects or Files that they have been explicitly invited to.

  • A guest will need to be added to a Team to be able to view its Projects and Files.
  • Guest won't be able to access resources visible to other Organization members.

    This includes a list of  Open and Closed Teams, published Team and Organization-wide Libraries, Shared Fonts, and any files shared within the Organization via link sharing.
  • Guests won’t be able to use Components that are located within files they don’t have access to.

Note: To allow guest to use Components from a Shared Library, you will need to explicitly give them access to the Component Library’s original file.


Account Types

As well as having a Role, every member will also have an Account Type.

The Account Type determines whether or not that member's membership will be included in your billing, as well as whether they have Edit or View only access.

There are three Account Types:

  1. Starter
  2. Full
  3. Restricted

Starter

When you first add a new  Member to your account, they will be given Starter permissions by default. Organizations aren't charged for Starter members. 

A  Starter member will be able to do the following actions without being upgraded:

  • View any Projects and Files in Teams they are a part of.
  • View any Shared Resources (Libraries and Fonts, shared across the Organization)
  • Comment on any Files or Prototypes.

A member will automatically be upgraded to a Full member if:

  • They are given Edit access to a File.
  • They share a File from their Drafts with the rest of the Organization.

If you don't want a Starter member to upgrade to  Full access, you can restrict their access. It's not possible to downgrade a Member back to Starter access, once their role has been changed to Restricted or Full.

Full

Full members have Can Edit permission to at least one File or resource within the Organization. Organizations are charged for any Full members.

A full member can:

  • View any Projects and Files in Teams they are a part of.
  • View any Shared Resources (Libraries and Fonts, shared across the Organization)
  • Comment on any Files or Prototypes.
  • Edit any Files or Projects that they have Can Edit access on.
  • Share Files from their Drafts with other members in the Organization.

Organizations are charged for the number of Full members they have. You can restrict members to remove them from your billing. Learn more about Managing your Organization's billing.

Restricted

Restricted members are limited in the way they can interact with any files or resources within the Organization. Restricted members aren't included in an Organization's billing.

You can set a member as Restricted when adding them to the Organization. Or, restrict their access by downgrading them from a Full or Starter member.

Restricted users can:

  • View any Projects and Files in Teams they are a part of.
  • View any Shared Resources (Libraries and Fonts, shared across the Organization).
  • Comment on any Files or Prototypes.

Restricted users cannot:

  • Share Files from their Drafts with the rest of the Organization.
  • Edit any Shared Resources (Libraries and Fonts, shared across the Organization).
  • Edit any Projects and Files in Teams they are a part of.
  • Enable or disable Team Libraries for Teams or Files.

A Member can request an upgrade from their Account Settings by clicking the  Request Upgrade link next to their current Account Type.  This will send a notification to all Organization Admins, who can then approve the Member's request.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.