What are permissions in Procore and how do they work?

Summary

Procore has two levels of tools, Project level and Company level. Users are assigned permissions to these tools using company and project permission templates.

All users are given a general permission level for each tool, like 'Standard', or 'Read Only'. You can choose to assign an extra layer of more granular capabilities using granular permissions.

Some less common scenarios might require a user to be given a role-based permission in addition to a general permission level, or in addition to a general permission level with added granular permissions, to be able to accomplish certain tasks.

Explore the User Permissions Matrix to review the permissions required to perform any task in any Procore tool.

Answer

There are many types of configurations you can achieve when managing permissions in Procore. The way permissions work at both the company and project level is very similar. Permissions are layered using the following components:

General Permission Levels in Permission Templates
Granular Permissions in Permission Templates
Role-Based Privileges

General Permission Levels in Permission Templates

General permissions levels are the basic permission levels available for each tool in Procore:

None. No permissions to the tool at all. If a user has 'None' permissions to a tool, it will not be visible in their tool menu.
Read Only. Generally speaking, this level allows users to see information in a tool, but not interact with it.
Standard. Generally speaking, this level allows users to see information, and interact with it, but not manage certain things like configuration settings or other administrative actions.
Admin. This level of access allows users full access to a tool, its configurations, and capabilities.

With few exceptions, users will be granted one of these general permission levels on all tools, both company and project level. Then, additional permission layers like granular permissions can be added to enhance a user's capabilities in a more granular way.

Granular Permissionsin Permission Templates

Granular permissions gives users with 'Read Only' or 'Standard' additional access to perform a specific task.

For example, a user with 'Standard' permissions cannot add new users to the Directory, but you can add the 'Create and Edit Users' granular permission to their permission template to allow them to do so. See Which Procore tools support granular permissions?

Role-Based Privileges

In some less common situations, there are permissions given based on a user's role. These are called 'Role-based privileges', and are only applicable to a few tools.

For example, for a user to manage your ERP system's integration, you must assign them the 'Accounting Approver' role. This is a role-based privilege assigned directly from their Company Directory record, not a permission template. You won't find it in the Permissions tool or any permission templates

To learn more about the role-based 'Accounting Approver' privilege, see Grant Accounting Approver Privileges.

Certifications

Training Video Library

Permissions Matrix

Glossary of Terms

System Status

Community

Product Updates

Developers

Australia (English)

Brasil (Português)

Canada (English)

Canada (Français)

Deutschland (Deutsch)

España (Español)

France (Français)

Latinoamérica (Español)

Polska (Polski)

United Kingdom (English)

United States (English)

新加坡 (中文)

日本 (日本語)