Field permissions let you control which roles can see and edit each field on each entity.
Where to manage
Settings > Field Permissions. Pick an entity (Contacts, Companies, Deals, etc.), then for each field set per-role visibility:
- Read + Write — full access (default).
- Read only — visible but not editable.
- Hidden — does not appear in forms, lists, exports, or reports.
Common patterns
- Hide donor wealth indicators from non-fundraising roles.
- Hide annual revenue from anyone outside Sales.
- Make lifecycle stage read-only for Members; only Managers can change it.
- Hide board notes from non-Admin roles.
Enforcement
Field permissions are enforced server-side. The API never returns hidden fields to unauthorized callers; bulk operations don't update them; exports skip them. CSV exports for users without access strip the column entirely.
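The three enforcement points above (API reads, bulk updates, CSV exports), modelled in Python as an added example. This is not the product's code: the permission matrix, role names, field names and function names are all assumptions made for illustration.

```python
import csv
import io

# Constructed permission matrix: entity -> field -> role -> level.
# Levels mirror the page: "rw" (Read + Write), "ro" (Read only), "hidden".
PERMS = {
    "contacts": {
        "wealth_indicator": {"member": "hidden", "fundraiser": "rw"},
        "lifecycle_stage": {"member": "ro", "manager": "rw"},
    }
}

def level(entity, field, role):
    """Unlisted field/role pairs fall back to the default, Read + Write."""
    return PERMS.get(entity, {}).get(field, {}).get(role, "rw")

def read_view(entity, role, record):
    """API read path: hidden fields are dropped, not nulled or masked."""
    return {f: v for f, v in record.items() if level(entity, f, role) != "hidden"}

def bulk_update(entity, role, records, changes):
    """Bulk write path: apply only fields the role holds at 'rw'.

    Returns the sorted names of the fields that were skipped.
    """
    allowed = {f: v for f, v in changes.items() if level(entity, f, role) == "rw"}
    for rec in records:
        rec.update(allowed)
    return sorted(set(changes) - set(allowed))

def export_csv(entity, role, records, columns):
    """Export path: a hidden column is removed entirely, header included."""
    visible = [c for c in columns if level(entity, c, role) != "hidden"]
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=visible,
                            extrasaction="ignore", lineterminator="\n")
    writer.writeheader()
    writer.writerows(records)
    return buf.getvalue()

# Constructed sample record.
SAMPLE = [{"name": "A. Donor", "lifecycle_stage": "lead", "wealth_indicator": "high"}]
```

Filtering happens where the response, update or export is built, so a caller cannot recover a hidden field by asking for it explicitly.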
Audit
Field permission changes are audit-logged. Settings > Audit Trail shows who changed which permission and when.
What it doesn't do
Field permissions do NOT replace record-level access control. To restrict who can see specific records (e.g. confidential donors), use owner-based access in Settings > Roles & Permissions.