Users & Permissions

Create option in Agency company settings for agency admins/owners to turn on or off that is: "Allow all users to toggle light / dark mode individually." That way, this option is off by default, giving all GHL agencies time to write code for whichever mode they've not got code for. Turn current Custom CSS box in Agency company settings into "Custom CSS for light mode" ... and then "add Custom CSS for dark mode" right below it. Provide light/dark mode toggle for all users under "My Profile" or in upper right hand corner, similar to the light/dark mode toggle used in Community feature. Only make available if option in point #1 (above) is turned on by agency admin/owner.

Customized User Role Names/Types such as By Departments. Managers, Employees, Sales, Mataince, etc. GHl as they are an all in one platform and can help businesses grow.

Currently, we are only allowed just two main user roles—Admin and User. In our business model, we have sales reps who manage sensitive, high-net-worth clients. Some workw exclusively with these clients, and we need to ensure that only he and the admins can view and manage those particular contacts. On the other hand, we also have a broader group of salespeople who handle general incoming leads. These leads go into a user we created called "house account" and then i have an automation that assigns new contacts to that user. In that same automation, i add all the sales staff as contact followers so they can still be assigned tasks and see acitivy. While this workaround helps us, it also leads to intermittent issues and additional complexity. For instance, we recently had a scenario where a contact assigned to the house account had a task created that was assigned to a sales person (different user), but due to permission limitations, when the salesperson with the assigned task viewed his tasks screen from the contacts module, the associated contact field wasn’t visible to that rep. So there was no actionable way to conduct that task. Somehow that was eventually resolved on its own. Currently, contact followers cant see "house account" conversations, which created a big problem with one of our clients. It highlighted how fragile these workarounds can be. In other words, we’re relying on automations to manage workflows that would be much simpler if we had more nuanced user role permissions built into the platform. We are also sensitive to protecting a certain salesperson's contacts and have had staff in the past reassign contact ownership to themselves. Assigning the sales staff as followers allows them to see the contact, but not change the ownership, which currently works as a solution, but it is creating all the problems that i mentioned above. We believe that adding more granular permission controls, or allowing subaccounts to create their own user roles with more options for permissions with contact would benefit many businesses like ours. It would reduce the need for these complex workarounds and ensure a smoother experience.

I came across this issue as I have a user that already exists in my system through someone else's sub-account and now they want their own account but they purchased a plan that gives them fewer permissions but I can't remove features from their profile without it affecting the other subaccount they are in. This is definitely a limitation for my (and probably other's) use cases.

Allow to select multiple users to copy roles & permissions from instead of one at a time

We want the ability to disable new account login emails that are automatically generated. This is important when we are bulk creating new accounts so that we can consolidate our instructions in a single email rather than the client receiving numerous welcome / login emails that we cannot customize.

Description: Currently, managing permissions for the Notes section (on contacts, opportunities, etc.) lacks the necessary granularity for effective team management and data protection. To better manage diverse teams and safeguard important information, we require finer, role-based controls over what users can do with notes. --- Problem & Use Case: Different user roles within our business require different levels of access to notes. For example: We need the ability to assign Create Only permissions to certain roles (like VAs or entry-level staff) so they can add new information without the risk of accidentally editing or deleting crucial historical notes logged by senior staff or other team members. Other team members might need the ability to Create/Edit notes to update information as situations evolve, but should still be restricted from deleting notes entirely to maintain record integrity. Full Create/Edit/Delete permissions should be reservable for administrators or specific trusted roles. Without these distinct levels, we either grant too much access (risking accidental data loss or unauthorized modification) or restrict users too much, hindering productivity. This also makes it harder to maintain data integrity and accurate historical records. --- Proposed Solution: Please implement the following distinct permission levels that administrators can assign to users specifically for the Notes section: Create Only : User can add new notes but cannot modify or delete any existing notes. Create/Edit : User can add new notes and edit existing notes, but cannot delete notes. Create/Edit/Delete : User has full control – allowing adding, editing, and deleting of notes they have access to view. --- Benefits: ✅ Improve security and data integrity by limiting modification/deletion rights. ✅ Prevent accidental loss of important client history or internal communication. ✅ Empower administrators to configure user access precisely according to job responsibilities and trust levels. ✅ Enable more secure, effective, and clearly defined team collaboration within HighLevel. Implementing these granular permissions would be a valuable improvement for managing teams and protecting data within the platform.

Whilst the recent enforcement of 2FA (via email) is a welcome addition to the security of High-Level, email based 2FA is unfortunately one of the least secure 2FA methods. So, please add more 2FA options. Including at a minimum TOTP codes (a global standard) that people can use through whatever TOTP App they use. (E.g. Authy, Duo, Google Authenticator, Microsoft Authenticator etc). And at the same time, please: Allow an agency to select what 2FA options they will allow to be used across their clients. Allow Admins of a sub-account to also have this level of functionality to select what 2FA options users in their Sub-Account can use IF the Agency gives it to them.

When a user is a "User" and not an "Admin", he can't delete a contact. That's fine. Is it possible that he can't delete an opportunity? We don't have that level of granularity in permissions. The usercase is: when a salesperson loses too many opportunities, he deletes them instead of indicating them as lost.

When you login to GHL and enter your password, there is no icon or button to show your password. If you had one, you can see if you are typing your password incorrectly (ALL CAPS) or not