Skip to content
English
Sign in
Go to www.contractsafe.com
  • There are no suggestions because the search field is empty.

Introduction to Upgraded User Permissions

We have upgraded User Permissions! Important: You do not need to take any action. All your existing users and their permissions will remain the same.

ContractSafe has continued to invest in its permissions system to make it easier to use and more powerful. This article covers everything you need to know about how user permissions work today, including the latest upgrades.
 
For a live walkthrough of these features, join one of our weekly New Features Training Sessions.
 
If you have questions or would like additional help, reach out to Customer Success at support@contractsafe.com.
 

What's New: Permissions V2

We've upgraded the permissions system with a new interface and a cleaner underlying model. Here's what changed — and what didn't.
 

The New Interface

Settings > Users now uses a three-tab layout:
  • Users — View and manage all users. Add, edit, or remove users; assign their organization-wide role; and control individual folder, tag, and company access directly from here.
  • Groups — Create and manage permission groups. Each group has a default role and a member list. Changes to a group automatically apply to all its members.
  • Permissions — A resource-level view with sub-tabs for Folders, Tags, and My Companies. See exactly who has access to each resource and at what level — and add users or groups directly from this view. 
How to tell if your organization is on the new version: If you see the three-tab layout (Users | Groups | Permissions), you're on Permissions V2. If you see the older side-navigation layout, your organization will be updated shortly.

Permissions Are Now Additive

This is the most significant change. In the previous system, individual exceptions could override a user's base role in ways that were sometimes hard to track. In the new system, all permissions build on top of each other — a user's effective access is always the combination of their direct assignments plus any group memberships. There are no hidden overrides.
This makes it easier to understand exactly why a user has a given level of access, and reduces the chance of unexpected permission behavior over time.
 

Users Can Now Belong to Multiple Groups

A user can be a member of more than one group. Their effective access is the union of all group memberships plus any direct assignments. This makes it easier to model real-world situations — for example, a user who is part of both a department team and a cross-functional project team.
 

What Has NOT Changed

  • No one loses access. All existing permissions were automatically carried over. No action is needed from admins or users.
  • Contract visibility, search, and filtering work exactly the same way.
  • Notification delivery is unchanged.
  • Non-admin users will not notice any difference.
  • Subfolder inheritance continues to work as before.
 

All Permissions Features — Current Capabilities

Available on All Subscriptions

User Groups Create groups to manage permissions for multiple users at once. Define a role and access level once, then add any number of users to that group. When the group's permissions change, all members update automatically. Groups are optional — you can still manage individual users directly if you prefer. Learn more about creating user groups.
 
Multiple Users at Once Add several new users in a single step instead of one at a time — useful when onboarding a new team. Learn more about adding multiple users.
 
Selective Folder Notifications Choose which folders a user receives new activity notifications for — it doesn't have to be every folder they have access to. This can be configured per user or at the group level. Learn more about user notifications.
 
First and Last Names for Users Add display names to user accounts for easier identification, especially useful for organizations with a large number of users. Learn more about identifying users by name.
 

Available on Professional Subscriptions and Higher

Different Permission Levels for Different Folders Grant a user editing rights in some folders while keeping them read-only in others. With the new additive model, this is managed cleanly through group memberships and direct folder assignments — no conflicting exceptions to track. Learn more about complex permissions.
 
SSO Bypass for Specific Users If SSO is enabled for your organization, you can allow specific users to log in with a standard email and password instead. This is helpful for users who are not in your SSO directory. Learn more about SSO exclusions.
 

How to Navigate the New Interface

Users Tab

Your full user list lives here. From this tab you can:
  • Add, edit, or remove individual users
  • Assign a user's organization-wide role
  • Assign direct folder, tag, or company access to a specific user
  • Manage group memberships for each user

Groups Tab

Create and manage permission groups from here. Each group has:
  • A name and optional description
  • A default organization-wide role
  • A list of members
  • Folder notification preferences at the group level

Permissions Tab

A resource-first view of your permissions setup. Use this to:
  • See who has access to a specific folder, tag, or company
  • Add users or groups to a resource directly
  • Audit access across your entire organization at a glance
 

Common Questions

  1. Do I have to use groups?
    1. No. Groups are an option, not a requirement. You can continue managing individual user permissions from the Users tab exactly as before.
  2. Did my users' permissions change?
    1. For virtually all customers, no. All existing permissions were automatically migrated. A very small number of organizations (4 specific accounts) had minor, intentional changes affecting a handful of users — those admins have been contacted directly.
  3. Where do I assign folder access?
    1. Two places: from the Users tab (edit a user and assign folders directly) or from the Permissions tab (select a folder and add users or groups). Both achieve the same result.
  4. Something seems wrong with a user's access — what should I do?
    1. Check both the user's direct assignments (Users tab > edit user) and their group memberships. A user's effective access is the combination of both. If something still looks wrong, contact support@contractsafe.com and we'll investigate.
  5. Can the change be reversed?
    1. Yes. The update is fully reversible on a per-organization basis. If a critical issue is identified for your organization, your settings can be instantly restored to the previous version with no data loss.
 

Why We Made These Changes

The original permissions system worked well for straightforward setups, but became harder to manage as organizations grew — especially when individual users had custom exceptions layered on top of their base role. Those exceptions could accumulate over time, making it difficult to audit who had access to what.
 
The new system replaces that complexity with a clean, additive model: every user's access is the explicit sum of their group memberships and direct assignments. No hidden overrides. No surprise behavior.
 
This makes permissions:
  • Easier for admins to understand and manage — what you see is exactly what a user gets
  • Easier to audit — trace any user's access back to a clear source
  • More scalable — the model handles large, complex organizations cleanly
  • A foundation for future capabilities — more advanced role types and controls are now possible to build
 
Have questions about the upgrade or need help navigating the new interface? Reach out to us at support@contractsafe.com — we're happy to help.