If you’ve got a team using Bettercontact, you need to keep things locked down—without making everyone’s life miserable. This guide is for admins, team leads, or anyone who’s tired of messy permission setups and wants a straight answer: how do you actually set up permissions in Bettercontact so your team is secure, gets what they need, and nothing more?
Here’s how to do it, what’s worth your time, and what’s just noise.
1. Understand How Permissions Work in Bettercontact
Before you start clicking around, it helps to know the basics. Bettercontact uses a role-based permission system. You assign roles to users, and each role has a set of permissions. That’s pretty standard. But here’s what actually matters:
- Roles are stackable. A user can have more than one role, and their permissions combine. If one role allows access and another doesn’t, access wins.
- Default roles exist, but you’ll probably need to tweak them. Out of the box, you get Admin, Manager, and User. They’re OK, but most teams need a bit more nuance.
- Most permission changes take effect instantly. No need to kick people out and back in.
Pro tip: Don’t overcomplicate things. The more custom roles you create, the harder it is to keep track of who can do what.
2. Map Out Your Team’s Real Needs (Don’t Just Copy What You Had Before)
Stop and ask: Who actually needs access to what? Don’t just copy your old system or give everyone “Manager” because it’s easier. Here’s how to figure it out:
- List your main workflows. Who needs to see contacts? Who manages integrations? Who just needs to reply to messages?
- Think about risk, not just convenience. The fewer people with admin access, the better. If someone gets phished or goes rogue, you want to limit the blast radius.
- Ask your team. Sometimes the people doing the work know where the bottlenecks are—or where they’re seeing too much.
What to ignore: Don’t stress about giving people “view” permissions for things they don’t care about. Focus on restricting edit, delete, export, and admin actions.
3. Review and Clean Up Default Roles
Let’s be honest: most software’s default roles are too broad. In Bettercontact:
- Admin: Full control. Can add/remove users, change settings, export data, see billing. Only give this to folks you’d trust with your credit card.
- Manager: Usually can view and edit contacts, manage conversations, see reports. Can’t change system settings.
- User: Can view assigned conversations or contacts, maybe add notes, but not much else.
Action steps:
- Go to Settings > Users & Permissions.
- Click each role and review the permissions. Bettercontact shows a checklist—walk through each item and ask: “Does everyone in this group really need this?”
- Remove permissions that aren’t essential. It’s easier to loosen up later than put the genie back in the bottle.
4. Add or Edit Custom Roles (Only If You Must)
If your team structure doesn’t fit the defaults, it’s time to make custom roles. But don’t get carried away.
How to create a custom role:
- In Settings > Users & Permissions, click “Create Role.”
- Name it something obvious (“Support Tier 1,” not “Role 5”).
- Check only the permissions this group truly needs. For example:
- Can view contacts
- Can reply to conversations
- Can NOT export data
- Can NOT delete contacts
What works: Custom roles are great when you’ve got clear lines (e.g., contractors vs. full-time staff, or marketing vs. support).
What doesn’t: Avoid making a unique role for every single person. That’s a maintenance nightmare.
Pro tip: Review all roles every 3–6 months. People change jobs, teams grow, and old roles become security holes.
5. Assign Roles to Users (and Double-Check)
Now, add users and assign the right roles. Here’s where most mistakes happen, so slow down and double-check.
- Go to Settings > Users & Permissions > Users.
- For each user, click “Edit,” and assign one or more roles.
- Save, and confirm the changes.
Things to watch: - Make sure nobody gets Admin just for convenience. If you’re not sure, default to less access. - If someone changes jobs, update their roles right away. - If a user leaves, remove their access immediately. Don’t just “deactivate”—delete.
What to ignore: Don’t bother with “temporary” elevated access unless you plan to set a calendar reminder to take it away. It always lingers longer than you think.
6. Test Permissions Before Going Live
This is the step most people skip—and regret later.
- Create a dummy user with the lowest permissions (e.g., a “User” role).
- Log in as that user (or use Bettercontact’s “impersonate” function, if available).
- Try to perform any sensitive actions: exporting data, deleting contacts, changing settings.
- Make sure users only see what they’re supposed to—nothing more.
If you find problems: Go back and adjust the roles. It’s much cheaper to fix now than after a data breach or accidental deletion.
7. Set Up Alerts and Audit Logs (If You Care About Security)
Bettercontact keeps logs of user activity, but you might need to turn on extra alerts for sensitive actions.
- In Settings > Security, enable audit logs.
- Set alerts for things like:
- New user invites
- Permission changes
- Data exports or deletes
Is this overkill? For a small team, maybe. But if you’re handling customer data or have compliance needs, it’s a must.
8. Train Your Team (Briefly)
Don’t send a 30-slide deck. Just cover the basics:
- What their role lets them do—and not do.
- Best practices (don’t share passwords, don’t forward export files, etc.).
- Who to ask if they need more access.
Pro tip: Remind people that asking for access is normal. Guessing passwords or workarounds is not.
9. Keep It Simple and Review Regularly
User permissions aren’t “set and forget.” People join, leave, and change roles all the time. Make it a habit:
- When someone joins: Assign the lowest permissions they need.
- When someone leaves: Remove access immediately. Seriously, don’t wait.
- Every quarter: Audit your users and roles. Remove anyone who shouldn’t be there, and trim unused permissions.
What’s not worth it: Don’t bother with super-granular permissions unless your industry demands it. Complexity is the enemy of security.
Final Thoughts: Less Is More
If you take away one thing, it’s this: give people only what they need, and nothing more. Overcomplicated permission setups cause more trouble than they solve. Start simple, fix mistakes as they come up, and don’t be afraid to tighten things if you notice problems.
User permissions in Bettercontact aren’t rocket science, but they do need attention. Keep it lean, check your work, and your team—and your data—will thank you.