HomeHelp CenterSettings & Administration

Field-level permissions

Hide or lock specific fields per role.

2 min read · Updated Jul 4, 2026

Field permissions let you control which roles can see and edit each field on each entity.

Where to manage

Settings > Field Permissions. Pick an entity (Contacts, Companies, Deals, etc.), then for each field set per-role visibility:

  • Read + Write — full access (default).
  • Read only — visible but not editable.
  • Hidden — does not appear in forms, lists, exports, or reports.

Common patterns

  • Hide donor wealth indicators from non-fundraising roles.
  • Hide annual revenue from anyone outside Sales.
  • Read-only lifecycle stage for Members; only Managers can change.
  • Hide board notes from non-Admin roles.

Enforcement

Field permissions are enforced server-side. The API never returns hidden fields to unauthorized callers; bulk operations don't update them; exports skip them. CSV exports for users without access strip the column entirely.

Audit

Field permission changes are audit-logged. Settings > Audit Trail shows who changed which permission and when.

What it doesn't do

Field permissions do NOT replace record-level access control. To restrict who can see specific records (e.g. confidential donors), use owner-based access via the roles you manage in Settings > Users & Teams.