There is a desperate need for more restrictions to user/employees accessing documents and Templates in the payment tab. They can currently delete operational documents and also see private documents from the agency owner. Also the financials and reporting needs more control. There should also be option to turn off the phone access to an user/employee. https://ideas.gohighlevel.com/contacts/p/access-permissions-to-documents-contracts

need

Please, we need more granular permissions on the Agency level. At least to block the financials and the rebelling to keep the money private from employees

Any update on this?

I've Just hired a person to help me sell and deploy subaccounts under the SaaS Plans that I've previously created, among other tasks in my agency account and I've created as an Agency USER (Not admin)....

Unfortunately I learn today, after almost an hour with the Zoom Support that I CAN'T no matter what, limit or restric this person from sensitive data like monetary information, but even worst than that, we also CAN'T prevent the user from Altering or DELETING any PLANS on the SaaS configurator, or making changes on pricing and rates on Both Rebilling and Resseling.

Even if the user execute any of the above "by accident" the financial loss could be devastating, and could impact ALL subaccounts, which would turn this into a snowball of LAWSUITS....

This is not an idea, it's not request for improvement, this is a huge design mistake/flaw that needs to be fixed asap. Im honestly surprised that for such a great system nobody thought about that before.

What is the current status or expected timeline for this update?

This is still an active limitation in day-to-day operations, and it directly impacts access and collaboration across accounts.

While I know granular permissions have been introduced in parts, they do not fully solve the core issue of permission isolation per sub-account for the same user in HighLevel.

Use Case Example:

I have a client who is an admin in their own sub-account under my agency, but we are also collaborating on work inside one of my sub-accounts. Ideally, I would give them limited, role-specific access in my account.

Currently, our only options are:

Have her use a separate email/login to apply different permissions by account (which is clunky & creates friction), or

Grant full admin access to my sub-account to avoid breaking her permissions in her account (which introduces unnecessary risk)

Why this matters:

Agencies regularly collaborate with clients, contractors, and partners across multiple accounts

Users often need different roles depending on the sub-account

The current structure forces over-permissioning or duplicate user workarounds

This introduces security concerns and operational inefficiencies

What's needed:

True sub-account level permission control, where a single user can have fully independent roles and permissions in each account - without requiring multiple log-ins.