If you're using Responsive to handle proposals, you probably care about two things: getting work done and not letting sensitive info slip into the wrong hands. Setting up user roles and permissions is the backbone of proposal security—but it can also be a pain if you overcomplicate it or just copy/paste what someone else did. This guide's for admins, team leads, and anyone who wants to keep proposals safe without making the platform a nightmare to use.
Let’s get right into it.
Why Roles and Permissions Matter (and Where People Get It Wrong)
Controlling who can see and do what in Responsive isn’t just bureaucracy—it’s the difference between a smooth proposal process and a data leak. But too many teams either lock things down so hard that everyone’s blocked, or they go full “everyone’s an admin” and hope for the best. Neither works.
You want just enough restriction to protect sensitive info and avoid accidental changes, but not so much that people start working around your system or quitting out of frustration.
Common pitfalls: - Everyone gets the same role “just in case” - No regular review of who has access - Relying on default settings and never tweaking them
Let’s fix that.
Step 1: Know the Built-In Roles
Responsive comes with several standard roles. These tend to cover the basics for most teams. Here’s what they usually mean (but double-check your account, because names and privileges can change with updates):
- Admin: Full control—settings, users, content, proposals. If you don’t trust someone with the keys to your house, don’t make them an admin.
- Manager: Can create, edit, and approve proposals. Can usually manage teams but can’t change global platform settings or billing.
- Contributor: Can work on assigned proposals, edit content, but can’t approve or send.
- Viewer: Can read proposals and maybe comment, but can’t change anything.
Reality check:
Most people don’t need admin rights, and you probably need fewer managers than you think. Giving everyone admin “just to make things easier” is asking for trouble.
Step 2: Map Out Who Needs What (Before You Click Anything)
Before you start assigning roles, make a quick list. Who actually needs access, and to what?
Ask yourself: - Who creates proposals? - Who approves them? - Who just needs to see them? - Who manages templates, libraries, or master content? - Who should never see client pricing or confidential info?
Pro tip:
Use your org chart as a starting point, but don’t be afraid to make exceptions. Sometimes the person who knows the most isn’t the manager.
What to skip:
Don’t waste time building elaborate role hierarchies for a 5-person team. Start simple—you can always adjust.
Step 3: Assign Roles in Responsive
Here’s how to actually set roles and permissions. (If you’re new, you’ll need admin rights for this.)
A. Go to User Management
- Sign in to Responsive.
- Click your profile icon or the gear/settings menu.
- Look for User Management or Team Settings. The exact label may vary.
B. Add or Select Users
- To add a new user: Click “Add User” or “Invite User” and enter their info.
- To change a user’s role: Find them in the list, then click the “Edit” or “Role” dropdown next to their name.
C. Assign the Right Role
- Choose the role from the dropdown.
- Double-check if there are extra toggles (like “Can approve proposals” or “Can manage content library”).
- Save your changes.
Pro tip:
If your team has custom roles available, don’t go wild creating new ones for every little task. Stick to the basics unless you have a real need.
Step 4: Use Custom Permissions (When You Really Need Them)
Responsive sometimes offers custom roles or granular permissions, especially in enterprise plans. These can be helpful—but they’re also easy to mess up.
When to use custom permissions: - You have sensitive proposals that only a subset of users should see. - You need to limit who can export data or edit templates. - Compliance or client requirements demand strict separation.
How to set them: 1. In User Management, look for “Custom Roles” or “Advanced Permissions.” 2. Either create a new role or edit an existing one. 3. Check or uncheck boxes for specific permissions (like “Edit templates” or “View all proposals”). 4. Assign users to these roles as needed.
What to ignore:
Don’t create a custom role for every individual. You’ll end up with a mess you can’t manage. Group people by what they actually need to do.
Step 5: Limit Proposal Access by Project or Folder
Not every user needs to see every proposal. Responsive usually lets you restrict access at the proposal, folder, or “project” level.
To do this: 1. Go to the proposal or folder you want to secure. 2. Find the “Share,” “Permissions,” or “Access” option—sometimes under a menu or a right-click. 3. Add users or groups who should have access. 4. Choose their permission level (view, edit, comment, etc.). 5. Remove access for anyone who doesn’t need it.
Why bother?
This is where real security happens. If you’re working on a confidential RFP or a high-stakes deal, don’t rely on global roles alone. Lock down the sensitive stuff at the proposal level.
Step 6: Audit Regularly—Don’t Set and Forget
People leave, roles change, and projects end. If you never review your permissions, you’re asking for trouble.
Do this at least quarterly: - Check who’s got admin and manager roles. - Remove users who’ve left the company or changed jobs. - Review who has access to sensitive proposals.
How to audit: - Use Responsive’s user reports or export a list of users and roles. - Spot-check high-value proposals for who can see or edit them. - If you’re bored, pretend you’re a hacker—can you find a way for a regular user to get access they shouldn’t?
Pro tip:
Make this part of your offboarding process: disable users before they walk out the door.
What Works, What Doesn’t, and What to Ignore
What works: - Keep roles simple. Most teams only need a few. - Use proposal-level permissions for truly sensitive deals. - Audit regularly, not just once a year.
What doesn’t: - Giving everyone admin “just in case.” - Never updating permissions as your team changes. - Overcomplicating with dozens of custom roles you’ll never remember.
Ignore:
- Fancy features you’ll never use (like “time-limited access” for people who never log in anyway).
- The urge to lock down everything unless there’s a real risk.
Keep It Simple, Iterate as You Go
Locking down your proposal process in Responsive doesn’t have to be complicated. Start with the basics: know your roles, assign what’s needed, and review as you grow. Don’t panic if you don’t get it perfect on day one—you can always tweak things later. The best setup is one that keeps data secure and lets your team get work done.
If you keep permissions lean and revisit them now and then, you’ll avoid most headaches—and sleep a lot better at night.