Permission Levels and Access Control

Understand the basics of setting up users, teams, and permissions on SpotDraft

Introduction

This section details how to configure access control within SpotDraft, ensuring that team members can only view information relevant to them. Our setup allows you to customize access levels to align precisely with your requirements.

Members

A member is anyone who can log in to SpotDraft. You can add members via the instructions found in "Inviting a new team member". Members can utilize SpotDraft according to the permissions assigned to them directly or through their team(s). They may belong to more than one team.


Teams

A team consists of a group of members. Teams simplify granting the same set of permissions to multiple members.

For example, if 10 people are allowed to manage your contract type, workflows, and key pointers, it is simpler to add them to a team and assign the permissions to the team. Similarly, if they are allowed to create an Order Form contract, it is simpler to add the team as the creator of the Order Form contract type instead of adding all 10 of them as creators separately.


Team point of contact (POC)

One member of a team is designated as the POC or point of contact. Tasks assigned to a team, such as a review, are directed to this member, who receives the necessary notifications. They can then choose to handle the task themselves or assign it to another team member.

Team permissions

Each team can have a specific set of permissions enabled. Except for the default Admin team, permissions for each team are configurable. It's important to note that the Admin team has comprehensive platform access. Ideally, only select individuals should belong to this team.

For example, you can create a team called IT Admins and enable permissions such as Manage Integrations, Developer Settings, and Manage Security and Identity. Any member added to this team will be able to perform the corresponding operations.


Roles

Contract type roles

You can assign a member or team to any of the following pre-defined roles, each with corresponding permissions.

 

Creators: Allowed to create contracts of the selected type and act as the business user.

Viewers: Allowed to view all contracts of the selected type.

Suggesters: Allowed to make edits to contracts of this type, with changes tracked, provided they are also added as viewers. Their edits require approval from an editor before they reflect on the document.

Editors: Allowed to make edits to contracts of this type, as long as they are either added as viewers of the contract type or requested to review a contract of this type. If their review is requested, they also become the legal user of the contract.

Signatories: Allowed to act as signatories for contracts of this type. The business user will select the required signatory from the list.


Contract roles

Business user: The creator of a contract is automatically the business user. They receive all notifications related to the contract and have permission to perform basic operations like requesting reviews and sending the contract out for signature. It is possible to reassign the business user. The list of available business users is populated from the creators added at the contract type level.

 

Legal user: Business users can request reviews from a predefined set of legal users (Editors) when legal input is required. The selected reviewer becomes the legal user of the contract. It is also possible to assign a legal user without requesting a review by going to the party information card on the contract summary page.

| Permission | Business User | Legal User (If they have view access or have been requested review) |
| --- | --- | --- |
| BASIC ACTIONS | | |
| View | Yes | Yes |
| Edit | Configurable | Yes |
| Void | Yes | Yes |
| Put on hold | Yes | Yes |
| Modify key pointers | Yes | No |
| Upload version | Yes | Yes |
| REDLINING | | |
| Request review | Yes | Yes |
| Request approval | Yes | Yes |
| Send for review | Yes | Yes |
| Suggest | No | Yes |
| Review | No | Yes |
| READY TO BE SIGNED | | |
| Mark for execution | Yes | Yes |
| Unmark for execution | Yes | Yes |
| Prepare for signing | Yes | Configurable |
| Send for signatures | Yes | Yes |
| NOTIFICATIONS | | |
| Get all email communications | Yes | No |
| Get all Slack notifications | Yes | No |

Approver: When approval is triggered for a contract based on pre-defined conditions on the workflow or when an ad-hoc approval is requested, the member whose approval is requested gains access to this contract.

Signatory: The signatory designated to sign a contract gets access to this contract.

Permission matrix

| Role name | Can view | Can suggest | Can edit | Additional info |
| --- | --- | --- | --- | --- |
| Creator | Yes (The contracts that they created) | Configurable | Configurable | It is possible to configure whether or not the creator can suggest/edit the contracts they created. Under no circumstances will they be allowed to edit contracts created by someone else unless explicitly granted access. |
| Viewer | Yes (All contracts of this contract type) | No | No | - |
| Suggester | No | No | No | They get no access until they gain viewer access. |
| Editor | No | No | No | They get no access until they gain viewer access. It is a common assumption that an editor should automatically gain viewer access, but that’s not how it is designed. For example, John and Jane are editors of MSAs. There are 100 MSAs on SpotDraft. Of those, John is required to review only 40 of them based on certain logic, and Jane is supposed to review the remaining 60. If we give implicit viewer access to the editors, John and Jane will see 60 and 40 irrelevant contracts respectively. |
| Signatory | No | No | No | They get no access until they gain viewer access. The users or teams selected here are responsible for populating the signatory selection dropdown when creating a contract. Once the user selects a signatory, they gain access to that contract. |
| Suggester + Viewer | Yes (All contracts of this contract type) | Yes (All contracts of this contract type) | No | - |
| Editor + Viewer | Yes (All contracts of this contract type) | Yes (All contracts of this contract type) | Yes (All contracts of this contract type) | - |
| Editor + Reviewer | Yes (The contracts that they are a reviewer for) | Yes (The contracts that they are a reviewer for) | Yes (The contracts that they are a reviewer for) | - |
| Editor + Legal user (Not reviewer) | No | No | No | This is used when the legal team is responsible for assigning someone from their team as the legal user. The business user can then refer to this when they want to request a review instead of tagging the team. |
| Editor + Approver | Yes (The contracts that they are an approver for) | No | No | When approval is requested from someone, they get access to view the contract. |

Restrict editing of template questionnaire for a contract

In this section, you will learn how to add restrictions on who can edit the template questionnaire of a template contract.

📖  Navigating to access control settings for a contract type


  1. Select Access Control from the Settings section in the left navigation.
  2. Select Contract Types from the top header.

📖  Setting up restrictions to edit the template questionnaire


  1. Find the required Contract Type and click on the edit button.
  2. Select Advanced Settings and change the setting from Allowed to Blocked.

📖  Adding a list of exempted users


  1. If you wish to allow certain teams to perform this restricted action, select them from the dropdown.
  2. Save your changes.

💡 Example of a use-case: The sales team will create the contracts, answer the questionnaire and send it to the counterparty. If the counterparty wishes to change certain terms of the contract, only the legal team can access the questionnaire to edit the answers to the questions.

Inviting users

In certain situations, you might require input on a contract from individuals who aren't predefined within your contract settings. In these cases, you can use the Invite Team feature. This feature allows you to grant specific permissions (such as viewer, suggester, or editor) to these individuals based on your permissions. For example, if Jane has suggester privileges for a contract type, she can invite others as suggesters or viewers, but not as editors.

This feature also enables you to invite people who aren't already part of your SpotDraft workspace. This is particularly useful when you need input from external legal counsel on specific contracts. When such individuals are invited, they're added to the list of members. However, until they're assigned to a team or role, they won't have access to anything except the contract they're invited to review.

💡 Notes:

  1. This is not intended to invite a counterparty into the contract. If you need the counterparty to collaborate on a contract, send it to them for review.
  2. For added security, it's possible to whitelist a specific set of domains from which users can be invited.
  3. The permission that a user will have on a contract will be the union of the permissions they gained from the contract type and the individual contract. For instance, if Jane is added as an editor to the MSA contract type, but not as a viewer, she will not be able to view any MSAs. But if she’s invited as a viewer to an MSA, then she will be able to view it and edit it.

Permission matrix

| Role name | Can view | Can suggest | Can edit | Additional info |
| --- | --- | --- | --- | --- |
| Viewer | Yes (This contract) | No | No | - |
| Suggester | Yes (This contract) | Yes (This contract) | No | The key difference between setting up a suggester on contract type vs inviting someone as a suggester on a contract is that in the latter, the invited user gets implicit viewer access. The reason is that if someone is being invited to make suggestions on a contract, it’s logical that they should be able to view the contract. |
| Editor | Yes (This contract) | Yes (This contract) | Yes (This contract) | The key difference between setting up an editor on contract type vs inviting someone as an editor on a contract is that in the latter, the invited user gets implicit viewer access. The reason is that if someone is invited to make edits to a contract, it’s logical that they should be able to view the contract. |
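
The rules from the two permission matrices and the union note above, written as a small Python model for auditing role assignments. This is an added example, not SpotDraft's code or API: the role strings, the set-based data model and the function names are assumptions, the Creator and Signatory rows are left out, and `can_invite_as` generalises the page's suggester example.

```python
# Added model of the access rules on this page; not SpotDraft code or API.
# Role names come from the page; the set-based data model is an assumption.

# Contract-level grants that give view access and also unlock type-level
# suggester/editor capability (Editor + Reviewer row, Jane's MSA example).
UNLOCKING = {"reviewer", "invited_viewer", "invited_suggester", "invited_editor"}
# Contract-level grants that give view access only (Editor + Approver row).
VIEW_ONLY = {"approver"}
LEVELS = ["viewer", "suggester", "editor"]  # ascending privilege


def effective(type_roles, contract_roles=()):
    """Return (can_view, can_suggest, can_edit) for one member on one contract."""
    t, c = set(type_roles), set(contract_roles)
    unlocked = "viewer" in t or bool(c & UNLOCKING)
    can_view = unlocked or bool(c & VIEW_ONLY)
    # Capability is the union of contract-type roles and per-contract invites.
    edit_cap = "editor" in t or "invited_editor" in c
    suggest_cap = edit_cap or "suggester" in t or "invited_suggester" in c
    return can_view, unlocked and suggest_cap, unlocked and edit_cap


def can_invite_as(inviter_level, invitee_level):
    """Inviter can grant their own level or lower (generalised, assumption)."""
    return LEVELS.index(invitee_level) <= LEVELS.index(inviter_level)


def dormant(assignments):
    """Members whose contract-type roles grant nothing on their own (FAQ case)."""
    return sorted(m for m, roles in assignments.items()
                  if roles and effective(roles) == (False, False, False))


if __name__ == "__main__":
    # Constructed sample assignments for one contract type.
    nda = {"john": {"editor"}, "jane": {"editor", "viewer"}, "sam": {"suggester"}}
    print("no access until viewer/review/invite:", dormant(nda))
    print("john after Request Review:", effective({"editor"}, {"reviewer"}))
    print("editor who is only an approver:", effective({"editor"}, {"approver"}))
```

Running `dormant` over an export of contract-type role assignments lists the members who will report that they cannot see any contracts, and the members it does not list are the ones with type-wide visibility worth reviewing.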

FAQs

Q: I've added John as an editor for my NDA contract type. Why can't he access or view any of the NDAs created by my business team?

A: Adding John as an editor doesn't automatically grant him permission to view or access contracts. It simply allows him to edit them once he gains viewing access. This can be achieved in three ways:

  1. The business user can use the Request Review option on the contract and select John as the reviewer. This grants him access to that specific contract.
  2. The business user can use the Invite Team option on the contract and select John as a viewer. This grants him access to that specific contract.
  3. John can be added as a viewer to the NDA contract type. This grants him access to all the NDAs created.

Last updated on August 23, 2023