What are the Enterprise roles and permissions?
  • 19 Jan 2023
  • 5 Minutes to read
  • Dark
    Light

What are the Enterprise roles and permissions?

  • Dark
    Light

Article Summary

With InVision Enterprise, you can assign roles and set additional permissions to refine responsibilities.

Currently, there are 4 available roles for an Enterprise organization:

  • Admin: has full account access
  • Manager: can invite members, create teams, and view all documents
  • Contributor: can create and edit documents
  • Reviewer: can be assigned documents to review
Note:
Apart from these roles, you can publicly share boards, freehands, and prototypes with other stakeholders. Share link viewers are not required to be a member of your Enterprise organization.

If you are an admin or manager on an Enterprise account, you can change another member's role at any time. To learn more, read Managing Enterprise members For a complete list of permissions for each role, check out the following tables.

Account access

This table specifies each role's access to other members in the organization.

Action

Admin

Manager

Contributor

Reviewer

Access member permissions

Yes

-

-

-

View company members

Yes

Yes

Yes*

-

Invite members

Yes

Yes*

-

-

Remove members

Yes

Yes**

-

-

Create teams

Yes

-

-

-

View Dashboard

Yes

-

Yes*

-

*You can toggle these permissions on or off in the member permissions settings, discussed below.
** Managers can only remove Contributors and Reviewers, and Admins can toggle this permission on or off in the member permissions settings.

Prototypes and boards

This table specifies what actions are available to each role for prototypes and boards.

Action

Admin

Manager

Contributor

Reviewer

Preview and join all prototypes and boards

Yes

Yes

Yes*

Yes*

Create prototypes and boards

Yes

Yes

Yes

-

View private comments and notes

Yes

Yes

Yes

Yes*

View assets and activity for prototypes and boards

Yes

Yes

Yes

Yes*

Duplicate prototypes and boards

Yes

Yes

Yes

-

Edit prototypes and boards you have joined

Yes

Yes

Yes

-

Inspect prototypes you have joined

Yes

Yes

Yes

Yes

Export prototypes you have joined

Yes

Yes

Yes

-

Create share links for prototypes you have joined

Yes

Yes

Yes

Yes

Add collaborators to prototypes you have joined

Yes

Yes

Yes

-

View and edit Workflow for prototypes you have joined

Yes

Yes

Yes

Yes

Archive and unarchive prototypes and boards you have joined

Yes

Yes

Yes

-

Delete prototypes and boards you have joined

Yes

Yes

Yes*

-

*You can toggle these permissions on or off in the member permissions settings, discussed below.

Freehands 

This table specifies each role's Freehand permissions, which differ slightly from prototypes and boards.

Action

Admin

Manager

Contributor

Reviewer

View freehands

Yes

Yes

Yes

Yes

Edit freehands you are added to

Yes

Yes

Yes

Yes

Create freehands

Yes

Yes

Yes

-

Duplicate freehands

Yes

Yes

Yes

-

Archive and unarchive freehands

Yes

Yes

Yes

-

Delete freehands

Yes

Yes

Yes*

-

To view, duplicate, archive/unarchive, or delete freehands, you must first access the freehand via the share link. Freehands you haven't accessed will not appear in your account.

Design System Manager (DSM)

DSM has separate roles and permissions. Only members of your Enterprise can be added to your DSM organization.

Learn more in this article: DSM Roles and Permissions

Member Permissions settings

You can modify the default member permissions to fine-tune how roles work in your organization.

Only admins have access to member permissions.

To access member permissions:

  1. Sign in to your Enterprise account and navigate to the People page.
  2. Near the top right of the page, click the More (•••) icon.
  3. Click Member Permissions.

Member_permissions.gif

Session

  • Enable session timeouts: If enabled, Enterprise members will be signed out of the Enterprise account after a set period of inactivity.
  • Time before a user is logged out for inactivity: This is set to 1 week by default. Choose from the drop-down menu to set your desired duration.

Global

  • Require authentication for share links: If enabled, your share links cannot be anonymously viewed. Instead, anyone who views the share link will need to be a member of your Enterprise organization and will need to sign in before they can view the corresponding prototype, freehand, or board. If enabled, this applies globally and cannot be overridden on individual share links.
    Note: If this setting is not enabled initially but is later toggled on, individuals who don't belong to the Enterprise will lose access to any documents that they could previously access via share links.
  • Require two-factor authentication for logins: If enabled, all members will be required to set up two-factor authentication. To learn more, check out this article: Two-factor authentication

Manager

  • Can invite members to the company: If enabled, managers can add managers, contributors, and reviewers; however, they cannot add admins. If this is disabled, only admins can add users.
  • Can remove Contributors and Reviewers from the company: If enabled, managers can remove contributors and reviewers from the Enterprise account. If this is disabled, only admins can remove members.

Contributor

  • Enable dashboard: If enabled, contributors can access the Dashboard page from the top navigation. The dashboard is an organization-wide overview of prototype and user activity.
  • Can preview and join all company prototypes: If enabled, contributors can see and join any prototype in the account. Contributors can edit, archive/unarchive, and delete prototypes. If the contributor role is not enabled for a particular individual, a member of the prototype will need to invite that individual to collaborate on the prototype before they can view it. If an Enterprise user clicks a share link for a prototype they're not authorized to view, they can request access.
    Note: Freehand documents are only visible if the contributor has previously viewed the share link.
  • Can view all company members: If this is disabled, contributors will not be able to see other members of the Enterprise organization when adding members to a prototype, when viewing the People page, or when viewing the member filter on the prototypes page and in the activity feed—unless they are on the same team or are collaborating on a prototype with that user. This is ideal for organizations (e.g., agencies) who might not want contributors on one prototype being able to view the individuals associated with another unrelated prototype.
  • Can delete Prototype, Board, and Freehand documents: By default, contributors do not have permission to delete documents—only archive. However, you can enable document deletion at any time by toggling on this setting.

Reviewer

  • Can preview and join all company prototypes: If enabled, reviewers can see and join every prototype in the account. If this is disabled, a member of the prototype will need to invite them to collaborate before they can view it. If an Enterprise user clicks a share link for a prototype they're not authorized to view, they can request access.
    Note: Freehand documents are only visible if the reviewer has previously viewed the share link.
  • Can view and create private comments and dev notes: If this is disabled, a reviewer will not be able to view existing private comments or notes, nor will they be able to create new ones. This is useful for internal discussions that may not be relevant to the reviewer (e.g., discussions with developers about implementation).
  • Can view prototype assets: If enabled, the reviewer can access the assets tab while viewing a prototype.
    Note: This setting does not affect assets generated by Inspect. Reviewers can always access Inspect-generated assets.
  • Can view activity: If this is disabled, a reviewer cannot access the organization-wide activity page nor the activity tab within a prototype—including prototypes they have joined. This allows organizations to work in InVision without displaying a detailed activity log to their clients.

Was this article helpful?