If you’re using Proof to work with a team—especially if you’re dealing with sensitive content—locking down who can do what isn’t optional. It’s the only way to keep work organized, avoid mix-ups, and not wake up to a disaster nobody can undo. This guide is for admins, team leads, or basically anyone responsible for not letting things slip through the cracks.
We’ll walk through how to actually set up roles and permissions in Proof so your team can collaborate without stepping on each other’s toes. No fluff, no hand-waving—just what works, what to watch out for, and where this stuff gets tricky.
Why Roles and Permissions Matter (And Where People Mess Up)
Before we get into the steps, let’s be clear: most security headaches happen because someone gave the wrong person too much access, or because nobody bothered to clean up old accounts. Permissions aren’t just a checkbox for compliance—they’re the difference between controlled chaos and actual chaos.
What works: - Giving people the least access they need to do their job. - Making it dead simple to see who can do what. - Regularly checking and updating permissions.
What to ignore: - Fancy permission matrices nobody understands. - Overly granular settings that slow everyone down. - The idea that “set it and forget it” will work forever.
Step 1: Know Your User Roles in Proof
Proof keeps things pretty straightforward, but you do need to know what each role can actually do. Here’s the breakdown (as of mid-2024):
- Admin: Can do everything—add/remove users, change settings, access all documents, and nuke the organization if they wanted. Don’t hand this out lightly.
- Editor: Can create, edit, and comment on content. Usually the “doers” in your team.
- Viewer: Can see stuff, maybe leave comments if you let them, but can’t change the actual work.
Pro tip: If you’re not sure what a role can do, create a dummy user, assign the role, and see for yourself. Don’t trust the product marketing—test it.
Step 2: Map Out Who Needs What (On Paper First)
Don’t just start clicking around in Proof. Spend 10 minutes mapping out: - Who’s on your team? - Who actually needs to edit versus just view? - Are there outsiders (contractors, clients) who need limited access?
Why bother? If you wing it, you’ll end up with half the team as Admins and no idea who can access what six months from now. Trust me, cleaning up later is a pain.
Step 3: Add Users and Assign Roles
Now, let’s get hands-on.
- Head to the Team/Users section in Proof.
-
It’s usually under “Settings” or “Organization.” If you can’t find it, search for “Users” in the platform menu.
-
Invite users by email.
-
Add one at a time, or bulk upload if you’ve got a big crew. Most platforms let you do CSV uploads.
-
Assign a role to each user.
- Don’t just hit “Admin” because it’s easier. Start with Viewer or Editor unless you have a good reason to go higher.
-
For contractors or occasional collaborators, always default to Viewer unless they’re actually going to edit content.
-
Double-check your list.
- Make sure nobody got Admin by accident.
- Remove anyone who doesn’t belong (old email addresses, ex-employees, etc.).
What works: - Defaulting to less access, then upping it if someone complains they can’t get their job done. - Keeping Admins to an absolute minimum—ideally just you and a backup.
Step 4: Set Up Permissions for Projects, Folders, or Documents
Proof usually lets you control permissions at a few different levels:
- Organization-wide: Who can see or do what in the entire workspace.
- Project or Folder level: Useful if you have teams working on different stuff, or want to keep client work separate.
- Document or Asset level: For sensitive files or one-off exceptions.
How to set permissions:
- Navigate to the project, folder, or document.
- Look for a “Share” or “Permissions” button or menu.
- Add users or groups, and set their access (Viewer, Editor, Admin).
- If you can, use groups/teams rather than individual users—it’s easier to manage as you grow.
- Restrict access for sensitive stuff.
- Don’t just rely on “private by default”—triple-check who can see or edit your most important files.
Pro tip: When in doubt, check what a user sees by logging in as them (if Proof allows it) or asking them to send a screenshot.
Step 5: Review Permissions Regularly
Set a reminder for yourself—once a quarter, once a month, whatever fits your risk appetite. Go through your user list and permission settings.
- Remove users who are no longer around.
- Downgrade roles where people don’t need as much access anymore.
- Spot-check for weird access (e.g., contractors with Admin access, clients who can edit instead of view).
What works: - Making this part of your offboarding process. - Having a second person review the list every now and then.
What doesn’t: - Hoping Proof will alert you if something’s off. Most SaaS tools are just not that smart yet.
Step 6: Handle Exceptions and Special Cases
Sometimes, you’ll need to break your own rules—maybe a client needs to edit a document for a day, or a contractor needs temporary access.
Best practices: - Set a calendar reminder to downgrade or remove their access when the job’s done. - Use Proof’s expiration or time-limited links if available—don’t trust yourself to remember. - Document any exceptions somewhere (even just a Google Doc) so you know why someone has weird permissions.
Common Pitfalls to Avoid
- Too many Admins: The more people with full access, the bigger the risk of mistakes or accidents.
- Never cleaning up users: Old accounts are security holes waiting to happen.
- Not testing permissions: Don’t assume your setup works—check it with a real user.
- Ignoring group management: If Proof supports groups/teams, use them. Managing one group is way easier than dozens of individuals.
Quick Checklist
Here’s a barebones checklist you can actually use:
- [ ] Mapped out users and what access they need
- [ ] Added users to Proof with least-privilege roles
- [ ] Set permissions for projects, folders, and documents
- [ ] Reviewed and cleaned up user list
- [ ] Documented any exceptions
Wrapping Up
Don’t overthink it. Start simple, keep permissions tight, and review them now and then. If you ever feel like you need a spreadsheet to track who can do what, it’s probably time to simplify.
Roles and permissions aren’t glamorous, but getting them right in Proof saves you from headaches, drama, and those “oh no” moments nobody wants. Set it up, check in now and then, and get on with the real work.