Notion Permissions

Permissions control what each person can see and do inside a workspace. They work at several levels, from the whole workspace down to a single page. Understanding these levels prevents accidental data exposure as a team grows.

The Permission Hierarchy

Notion applies permissions in layers, starting broad and narrowing down. Workspace-level roles set a baseline. Teamspace-level roles narrow access to a department. Page-level sharing narrows access further to a specific document.

Permission Layers

LayerControls
Workspace RoleGeneral access across the entire workspace
Teamspace RoleAccess to a specific department's pages
Page Share SettingAccess to one individual page

Workspace-Level Roles Recap

Owner and Admin roles control billing and workspace-wide settings. Member roles can create and edit content freely inside teamspaces they belong to. Guest roles see only the specific pages someone shared with them directly, nothing more.

Teamspace Permissions

A teamspace can be Open, Closed, or Private. An Open teamspace lets any workspace member join freely. A Closed teamspace requires an invite to join but appears in the directory, while a Private teamspace stays hidden from anyone not already added.

Teamspace Visibility Types

TypeWho Can JoinWho Can See It Exists
OpenAny workspace memberEveryone
ClosedInvited members onlyEveryone
PrivateInvited members onlyOnly invited members

Page-Level Overrides

A page inside an Open teamspace can still be restricted to specific people. This override narrows access below the teamspace default. Use this when one sensitive document, such as a salary review, needs tighter access than the rest of its teamspace.

Guest Access in Detail

A guest is someone outside your organization added to specific pages only. Guests cannot browse the sidebar to discover other content, unlike full members. This makes guest access the safest option for external contractors or clients who need limited visibility.

Practical Example: Client Collaboration

Invite a client as a Guest and share only their specific project page. Set their permission to Edit so they can update their own tasks, but not Full Access. The client sees exactly one page and nothing else in your company workspace.

Auditing Permissions Regularly

Review the Members list and the Guests list on a recurring schedule, such as monthly. Remove access for anyone who no longer needs it, such as a completed project's external contractor. This habit closes security gaps before they become a real problem.

Leave a Comment

Your email address will not be published. Required fields are marked *