.png)
Project & workspace access
Your company role sets what you can do. Where you can do it depends on workspace and project membership. This is what lets a Member act freely on their own projects while staying out of others.
Workspace access
Whether you see a workspace depends on your company role:
- Owners, Admins, and Managers see every workspace automatically — their authority is company-wide.
- Members, Viewers, and Guests see only the workspaces they've been explicitly added to.
Within a workspace, membership carries a simpler role — admin, member, or viewer — covered in Companies & Workspaces.
The project-membership gate
For anything scoped to a specific project — its tasks, documents, board, and conversations — there's an extra check beyond your role:
- Owners, Admins, and Managers can act on any project in the company without being added to it.
- Everyone else must be a member of that project to act on it. Having the right level isn't enough on its own; you also have to be on the project.
Why both checks?
Role alone could let any Member edit any project in the company. The project gate narrows that down: a Member edits the projects they're on, not everything. It's least privilege in action — broad enough to work, narrow enough to be safe.
How a permission is decided
When you try to do something project-related, Bluprint checks, in order:
- Do you have access to this company? (active membership)
- Does your role meet the level the action needs? (e.g. editing needs read/write)
- Are you a member of this project? (skipped for owner/admin/manager)
If any check fails, the action is refused — it fails closed.
Next
Last updated: 2026-05-31