If you’re running customer success or any kind of SaaS ops, you know the pain of “who can see what?” and “why does Bob have access to delete everything?” This guide is for admins and ops folks who need to set up user permissions and roles in Planhat without turning it into a bureaucratic mess.
Let’s walk through it step by step, with an eye for what actually works in the real world—not just what looks tidy in a help doc.
Why Permissions and Roles Matter (and What To Ignore)
Before you start clicking boxes, get clear on why you’re doing this. Permissions and roles aren’t about locking people out for fun—they’re about:
- Keeping sensitive customer data safe
- Streamlining workflows (nobody wants 40 options they’ll never use)
- Avoiding “oops, I deleted the dashboard” moments
What doesn’t matter? Overcomplicating things with a dozen custom roles before you even know what your team needs. Start simple. You can always tighten things up later.
Step 1: Audit Your Team and Their Needs
Don’t just copy your org chart. Permissions should reflect how people actually work.
Do this first:
- List your team’s main functions (CSMs, Admins, Execs, Support, etc.)
- Write down what each group really needs to do in Planhat—view-only, edit, export, manage users, etc.
- Identify anyone who needs special access (maybe your finance lead needs billing info, but nothing else)
Why bother? Because it’s easier to set up logical, usable roles if you know what people really need—not just what you assume.
Pro Tip: Ask your team where they’re running into blockers or risks with access today. Their answers will save you headaches.
Step 2: Get Familiar With Planhat’s Permission Model
Planhat uses a combo of roles and permissions. Here’s the gist:
- Roles: Think “job templates” (like Admin, CSM, Read-only). Roles group together permissions.
- Permissions: The actual rights—view, edit, delete, export, manage users, etc.
You assign users to roles. Roles control what users can do. You can use Planhat’s defaults or create custom roles.
Heads up: Planhat’s permission system is flexible, but not as granular as some CRMs. You can’t always set field-level permissions, so plan around what’s possible—not what you wish you could do.
Step 3: Access the Permissions and Roles Settings
Here’s how to get where you need to be:
- Log in to Planhat with an account that has admin rights (if you’re not sure, ask your current admin).
- Click your profile icon (usually top-right), then go to Settings.
- Find the Users & Permissions or Roles & Permissions section—naming can change slightly depending on your version.
If you can’t see this section: You probably don’t have admin permissions. You’ll need to get someone who does, or ask them to upgrade your access temporarily.
Step 4: Review and Edit Default Roles
Planhat usually comes with some default roles: Admin, User, and sometimes Read-only.
Check these first:
- Click into each role and review the permissions assigned.
- If a default role is too permissive (e.g., “User” can export all data), dial it back.
- If it’s too restrictive, bump up access for what’s needed.
Don’t overcomplicate: Unless your team is huge or has wildly different needs, tweaking the defaults often covers most cases.
Step 5: Create Custom Roles (If You Really Need To)
Only create custom roles if the defaults don’t fit. Here’s when it’s worth doing:
- You have a partner or contractor who needs limited access.
- Your execs want a high-level dashboard but no editing rights.
- You want to experiment with a “Can’t Break Anything” role for new hires.
How to do it:
- In the Roles section, click Add Role or Create Role.
- Name it clearly—think “Support Read-only” or “Finance Export.”
- Assign permissions by toggling what you want users in this role to do:
  - View, edit, delete, export, manage users, etc.
  - Some sections (like integrations or billing) may have special toggles.
- Save.
Pro Tip: Resist the urge to make a role for every minor edge case. The more roles you have, the harder things are to manage later.
Step 6: Assign Users to Roles
Now, actually put people into their buckets:
- Go to the Users section in Planhat.
- For each user, click to edit and assign the right role from your list.
- Double-check critical folks (admins, execs, team leads) to make sure they have what they need—no more, no less.
Bulk assignment: If you’re onboarding a lot of users, use Planhat’s bulk actions or import tools to speed things up. Just be careful—one wrong move and everyone’s suddenly an admin.
Step 7: Test Access (Don’t Skip This)
This is where most setups go sideways—someone assumes everything works, then finds out at 5 p.m. on a Friday that the support team can’t see customer tickets.
How to test:
- Log in as (or impersonate) each role, if Planhat allows.
- Try to do the things that should be possible, and confirm you can’t do things you shouldn’t.
- Ask a couple of real users to sanity-check their experience.
Look for:
- Can view/edit only what they should?
- Sensitive data hidden from the wrong people?
- Export and delete functions safe from “button mashers”?
Pro Tip: Document what each role can do (just a simple Google Doc is fine). This is handy for onboarding and troubleshooting later.
Step 8: Maintain and Review Regularly
Roles and permissions aren’t “set and forget.” People change jobs, teams grow, new features show up.
Do this at least quarterly:
- Review current users and roles—remove access for folks who’ve left
- Check for “permission creep” (someone who’s now an admin for no good reason)
- Adjust roles as workflows change
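The quarterly review above can be run as a script. This is an added example, not part of Planhat or its tooling: it compares a user/role export with the current team roster and the role matrix from the Step 1 audit. The CSV column names, role names, and sample rows are constructed assumptions, not Planhat's export format.

```python
import csv
import io

# Constructed sample data. Column names are assumptions, not Planhat's export format.
USERS_CSV = """email,role
alice@example.com,Admin
Bob@example.com,Admin
carol@example.com,CSM
dave@example.com,Support Read-only
erin@example.com,Finance Export
"""
ROSTER_CSV = """email,function
alice@example.com,Ops
bob@example.com,CSM
carol@example.com,CSM
erin@example.com,Finance
"""
# Hypothetical role matrix from the Step 1 audit: team function -> roles it may hold.
ALLOWED = {
    "Ops": {"Admin"},
    "CSM": {"CSM"},
    "Finance": {"Finance Export"},
    "Support": {"Support Read-only"},
}

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def review(users_csv, roster_csv, allowed):
    """Return (email, kind, detail) findings for leavers and permission creep."""
    roster = {r["email"].strip().lower(): r["function"].strip() for r in _rows(roster_csv)}
    findings = []
    for user in _rows(users_csv):
        email, role = user["email"].strip().lower(), user["role"].strip()
        function = roster.get(email)
        if function is None:
            # Account exists but the person is not on the current roster.
            findings.append((email, "leaver", f"remove access (role: {role})"))
        elif role not in allowed.get(function, set()):
            # Role differs from what the function's documented needs allow.
            findings.append((email, "creep", f"{function} should not hold {role}"))
    return findings

def admins(users_csv):
    """List every account holding Admin so each one can be justified by name."""
    return sorted(u["email"].strip().lower() for u in _rows(users_csv) if u["role"].strip() == "Admin")

if __name__ == "__main__":
    for finding in review(USERS_CSV, ROSTER_CSV, ALLOWED):
        print(*finding, sep=" | ")
    print("admins:", ", ".join(admins(USERS_CSV)))
```

Emails are normalized to lowercase before matching, so a casing difference between the two files does not hide an account from the review.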
What to ignore: Don’t jump into every new permission setting Planhat rolls out unless there’s a real need. More toggles don’t always mean more control.
Common Pitfalls (And How To Dodge Them)
- Too many custom roles: More roles = more confusion. Stick to broad buckets unless there’s a clear reason.
- Everyone’s an admin: Fastest way to lose sleep. Limit admin rights to people who really need it.
- No testing: Always, always test. Permissions that look right on paper can fail in practice.
- Not communicating changes: If you change roles, let people know. “Why can’t I see X anymore?” emails are a time sink.
A Few Honest Takes
- Planhat’s permission system is solid, but not as “lock-everything-down” as an enterprise CRM. It does the job for most SaaS teams, but if you’re in fintech or healthcare, double-check compliance needs.
- Don’t obsess over perfect security at the expense of usability. If nobody can get their work done, you’ll just end up loosening things in a panic.
- Keep things as simple as you can for as long as you can. Complexity creeps in fast—fight it off up front.
Wrapping Up: Keep It Simple, Iterate Often
Don’t overthink it. Start with broad, sensible roles, test them, and adjust as your team grows. Permissions are about trust, not paranoia. Check in with your users, revisit your setup every so often, and don’t be afraid to say “no” to more complexity unless there’s a clear, urgent need.
Remember: simple is secure, and easier to manage. Get the basics right, and you’ll spend less time firefighting down the line.