User Permissions Matrix - Web
- Last updated
- Save as PDF
The following reference page is a comprehensive breakdown of all user actions and the specific user permissions (Read Only, Standard, and/or Admin) that are required to be able to perform that action. Since certain tools are available at both the Company and Project levels, be sure to select the appropriate navigational hyperlink below.
Company Level
Admin (Company Level)
The following table highlights which user permissions are required to perform the described user action.
- Indicates that the task can only be completed when Procore is configured to use the Company level ERP Integrations tool. See ERP Integrations.
* The user must have 'Admin' level permissions on both the Company and Project level Admin tools.
Conversations (Beta)
The following table highlights which user permissions are required to perform the described user action.
Note: The Conversations tool does not have its own set of permissions to assign and instead relies on users being part of a project's Directory and having access to items within that project. See the notes below the table for specific considerations.
1 The permission required for creating and managing a group depends on the 'Group Conversations Permissions' setting in the Company level Admin tool of the Procore account. See Configure Access and Settings for the Conversations Tool.
- If 'Administrators' is selected, 'Admin' level permissions to the Project or Company level Directory tool.
- If 'Internal Employees' is selected, users who are marked as internal employees. See How do I add someone as an employee of my company?
- If 'Everyone' is selected, any user in the Company Directory.
2 This action can be performed by any user in the project's Directory (for their own conversations and items that they have access to). See the specific considerations below:
- Direct Messages:
- If Direct Messages are enabled for the account, anyone in the project's Directory (and Company Admins) can be messaged or mentioned.
- If Direct Messages are only enabled for internal employees, only users marked as employees of the company can be messaged or mentioned. See How do I add someone as an employee of my company?
- Direct messages are private and can only be seen by the individuals in the message. Admin users cannot view direct messages that they are not a part of.
Note: A data export containing direct messages can be provided to Company Admins by Procore Support if needed.
- Group Conversations:
- Anyone in the project's Directory (and Company Admins) can be messaged or mentioned in a group.
- Messages within a group conversation can only be seen by members of that group.
- Item Conversations:
- Conversations for specific items in a project can only be viewed and participated in by users with access to the item in Procore ('Read Only' or higher permissions to the item's tool and appropriate access if an item is marked as Private).
- All conversations:
- Users can only message or mention users who exist in the project's Directory, as well as Company Admins.
- Users can only edit and delete their own messages (within 5 minutes of sending and if the feature is enabled).
- Users can only hide a conversation from their own view.
Cost Catalogue
The following table highlights which user permissions are required to perform the described user action.
Directory (Company Level)
The following table highlights which user permissions are required to perform the described user action.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Company Permissions Template for more information.
Important
A user who is granted 'Admin' permissions on the Company level Directory tool is automatically granted 'Admin' permissions across all Project level tools and all Company level tools.1 A user with 'Standard' level permission must also be granted the 'Request Company and People Imports' granular permission. See Grant Granular Permissions in a Project Permissions Template and Request Company and User Imports.
2 The template is designed for use with Microsoft Excel. Although not recommended, you may be able to use a spreadsheet program that is compatible with the XLSX format. A user with 'Admin' level permission or a user with 'Standard' level permission plus the 'Request Company and People Imports' granular permission can download the template from the Procore web application. See Download the Company or User Import Template.
Documents (Company Level)
The following table highlights which user permissions are required to perform the described user action.
1 Users with 'Standard' level permissions can only check in a file that they have checked out.
2 Users with 'Read Only' or 'Standard' level permissions can only access 'Private' files and folders if they have been granted access to the file or folder.
3 Search results will only include the documents the user performing the search has access to.
ERP Integrations
Integration by Procore | Integration by Ryvit | Sage 100 Contractor | Sage 300 CRE | QuickBooks
Sage 100 Contractor
Inspections (Company Level)
The following table highlights which user permissions are required to perform the described user action.
Permissions
The following table highlights which user permissions are required to perform the described user action.
1 Users with the appropriate permissions can assign company permissions templates to users in the Company level Directory tool when creating or editing a user account. See Add a User Account to the Company Directory and Edit a User Account in the Company Directory.
2 Users with the appropriate permissions on the Company level Directory tool can assign a default project permissions template to a user when creating or editing the user's Directory record. See Add a User Account to the Company Directory and Edit a User Account in the Company Directory.
3 Users with the appropriate permissions on the Company level Directory or Project level Directory tools can change a user's project permissions template on a specific project when adding the user to a project or editing the user's Directory records. See Add a User Account to the Project Directory, Edit a User Account in the Company Directory, and Edit a User Account in the Project Directory.
4 Users with the appropriate permissions can create project specific permission templates in the Project level Directory tool. See Create a Project Specific Permissions Template from the Project Directory.
Planroom
The following table highlights which user permissions are required to perform the described user action.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Check the Status of your Tender | ![]() |
![]() |
![]() |
![]() |
Configure Advanced Settings: Planroom | ![]() |
![]() |
![]() |
![]() |
Download Tender Documents | ![]() |
![]() |
![]() |
![]() |
Indicate your Intention to Tender | ![]() |
![]() |
![]() |
![]() |
Submit a Tender | ![]() |
![]() |
![]() |
![]() |
Submit a Pre-tender Question | ![]() |
![]() |
![]() |
![]() |
Update a Submitted Tender | ![]() |
![]() |
![]() |
![]() |
View a tender package you have been invited to | ![]() |
![]() |
![]() |
![]() |
View the Planroom tool | ![]() |
![]() |
![]() |
1 Bidders must be added to the Company level Directory in order for you to invite them to tender on a project. Once a company is added to a tender package, tenderers within that company will automatically be given access to the Planroom upon logging into Procore.
Portfolio
The following table highlights which user permissions are required to perform the described user action.
1 This task requires 'Admin' level permissions on the Company level Directory tool or 'Read Only' or higher on the company's Portfolio tool with the privilege to create new projects. See Allow Users to Create New Projects.
2 Only users who were added to the Project level Directory for one or more inactive projects can view those inactive projects in the company's Portfolio tool.
Prequalification Portal
The following table highlights which user permissions are required to perform the described user action.
Note: Users will only have access to prequalification forms that they have been invited to collaborate on.
Users need to be added to the Company level Directory in order for you to invite them to prequalify. Once they are invited to prequalify, they will automatically be given 'Read Only' permissions on the Prequalification Portal tool.
Prequalifications
The following table highlights which user permissions are required to perform the described user action.
Users need to be added to the Company level Directory in order for you to invite them to prequalify. Once they are invited to prequalify, they will automatically be given 'Read Only' permissions on the Prequalification Portal tool.
1 'Standard' level users can view all categories response data except for Financials.
2 'Standard' or 'Admin' level permissions are required on the company's Directory tool to complete this function.
3 'Standard' level users can perform functions on items they have created.
Programs
The following table highlights which user permissions are required to perform the described user action.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Add Project Groups | ![]() |
|||
Add a Project to a Project Group | ![]() |
|||
Assign a Project to a Different Project Group | ![]() |
|||
Delete a Project Group | ![]() |
|||
Edit Project Group Information | ![]() |
|||
Remove a Project from a Project Group | ![]() |
|||
View Project Groups | ![]() |
![]() |
![]() |
* These actions require the displayed permissions on either the Company or Project level Admin tool.
Reports (Company Level)
The following table highlights which user permissions are required to perform the described user action.
1 This task can only be completed by the report's creator.
2 Report-specific permissions may apply.
3 This task can be completed by users with access to the report as its creator or a viewer (if shared).
4 This task can only be completed by the creator of a report's visuals.
5 The Company Level Open Submittals Report must be enabled on the backend by Procore.
6 This task can only be completed by the dashboard's creator.
Program (Company Level)
The following table highlights which user permissions are required to perform the described user action.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Create Calendar Items | ![]() |
![]() |
||
Configure Advanced Settings: Company Level Program | ![]() |
|||
Search Project Programs | ![]() |
![]() |
![]() |
|
View All Schedule Tasks (for projects they have access to) ![]() |
![]() |
![]() |
![]() |
|
View All Programmed Tasks for All Projects | ![]() |
Timecard
The following table highlights which user permissions are required to perform the described user action.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Configure Advanced Settings: Timecard | ![]() |
|||
Configure Your Company For The Timecard | ![]() |
|||
Create a Timecard 1 | ![]() |
![]() |
||
Edit a Timecard 1 | ![]() |
![]() |
||
Export a Timecards Report | ![]() |
|||
Delete a Timecard 1 | ![]() |
![]() |
||
View the Change History of a Timecard | ![]() |
|||
View a Timecard 1,2 | ![]() |
![]() |
![]() |
1 Users with 'Standard' level permissions can view, create, edit and delete their own timecards.
2 Users with 'Read Only' level permissions can only view their own timecards.
Timesheets (Company Level)
The following table highlights which user permissions are required to perform the described user action.
1 'Admin' users on the project's Timesheets tool can perform functions on all time entries.
2 'Standard' users on the project's Timesheets tool can perform functions on time entries that they have created.
3 'Admin' level permissions are required on QuickBooks® Desktop Desktop to complete this function.
4 'Admin' level permissions are required on Sage 300 CRE® Desktop to complete this function.
5 Transferring time entries from Procore does NOT require the Procore + QuickBooks® Connector and/or Procore + Sage 300 CRE® Connector.
6 'Admin' users on the Company's Timesheets tool who have been added to the project can perform functions.
7 'Admin' users on the Company's Timesheets tool can perform functions on all time entries.
Workforce Planning
To access the Workforce Planning tool, users must have 'Read Only' permissions or higher for the Workforce Planning tool in the Company level directory. Their ability to take actions within the Workforce Planning tool are managed by these additional granular permissions.
Project Level
Action Plans
: Denotes an action supported in Procore's iOS and/or Android mobile application.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
Admin (Project Level)
The following table highlights which user permissions are required to perform the described user action.
: Indicates that the task can only be completed when Procore is configured to use the Company level ERP Integrations tool. See ERP Integrations.
1 You must have 'Admin' permissions to the Project level tool that you want to extract data from.
2 The Project level Timesheets tool must also be enabled.
3 The Project level Admin tool's Permissions Table page only allows permissions to be changed for users who do not have a permission template assigned to them and are not Company level Admins. All other permissions must be managed in the Project and Company Level Directory tools.
Tendering
The following table highlights which user permissions are required to perform the described user action.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
1 Users must also have 'Admin' level permission to the Project level Directory tool to complete this function.
Note: In projects updated to Tender Management Enhanced Experience, this action can also be performed by users with 'Read Only' or higher permissions to the Project level Directory tool with the 'Create and Edit Companies' AND 'Create and Edit Users' granular permissions.
2 Users with 'Standard' level permission can view Tender Notes by default.
3 Users must also have 'Read Only' or higher permissions to the Documents, Drawings or Specifications tools. Users can only view and update items that they have access to.
4 Users with 'Read Only' or higher level permissions to the project's Tendering tool AND added to the Tendering CC Group can complete this function.
5 These tasks are performed by tenderers using the Company level Planroom tool. See Planroom.
Budget
The following table highlights which user permissions are required to perform the described user action.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
: Indicates your company's Procore account must be configured to work with an integrated ERP system.
1 This task also requires 'Admin' permissions on the project's Client Contracts, Funding or Head Contracts tool.
2 Also requires 'Admin' permissions on the Company level Reports tool.
3 These steps require that your company has enabled the ProEst by Procore integration.
4 The Reports tool must be an active Project Tool. See Add and Remove Project Tools.
Change Events
The following table highlights which user permissions are required to perform the described user action.
- Denotes an action that is supported by Procore for Android or Procore for iOS.
1 These tasks also require additional permissions on other tools in Procore. For more information, view the "Things to Consider" section in the tutorial for that action.
2 Users with 'Standard' permission can only delete the change events they create.
3 Users with 'Standard' permission can only edit the change events they create.
4 Users also need 'Standard' or 'Admin' level permissions on the Commitments tool.
5 Collaborators can submit a quote only if they receive an RFQ email notification. To be eligible to receive an email, the collaborator's user account must be granted 'Standard' level permissions on the project's Commitments tool and designated as the 'Assignee' on the RFQ. For details, see Assign and Send an RFQ to a Collaborator and Submit a Quote as a Collaborator.
Variations
The following table highlights which user permissions are required to perform the described user action.
1 To perform this task as a user with 'Standard' level permissions on the Variations tool, you must be the 'Designated Reviewer' on the variation. See Create a Commitment Variation.
2 Users with 'Admin' level permissions on the project's Variations tool must be granted additional tool permissions: (1) To edit a Commitment Variation (CV), 'Admin' level permissions on the project's Commitments tool, and/or (2) to edit a Head Contract Variation (HCV), 'Admin' level permissions on the project's Head Contracts tool. Additional factors may also apply. For details, see Edit a Variation.
3 Users with 'Read Only' or 'Standard' level permissions on the project's Variations tool can view variations for contracts not marked 'Private.' If a contract is marked 'Private,' users must be added to the 'Private' drop-down list on the contract.
4 Users with 'Admin' level permissions to the project's Variations tool can also view variations for contracts not marked 'Private'. If a contract is marked 'Private', users either be (A) added to the 'Private' drop-down list on the contract or (B) assigned 'Admin' level permissions on the Commitments and/or Head Contracts tool.
Admin Tool
The following table highlights which user permissions are required in the project's Admin tool to perform the described user action.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Enable the Variations Tool | ![]() |
Commitments
The following table highlights which user permissions are required to perform the described user action.
: Denotes an action that is supported in Procore's iOS and/or Android mobile application.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
: Indicates your company's Procore account must be configured to work with an integrated ERP system.
1 User must have 'Standard' permissions on the project's Commitments tool. Users must also be added to the Private drop-down list for that commitment or must be designated as a Progress Claim Contact. See Add Progress Claim Contacts to a Commitment.
2 Also requires a DocuSign© account.
3 Users must have 'Read-Only' or 'Standard' permissions on the project's Commitments tool. Users must also be added to the Private drop-down list for that commitment or must be designated as a Progress Claim Contact. See Add Progress Claim Contacts to a Commitment.
4 Commitments synced with an integrated ERP system cannot be deleted until they are unlinked. See Delete a Commitment Synced with QuickBooks® Desktop and Delete a Commitment Synced with Sage 300 CRE®. The progress claim must be in the 'Draft' or 'Revise and Resubmit' status for a user with 'Standard' level permissions to delete it.
5 Users with 'Admin' permissions on the project's Commitments tool can export a commitment as either a PDF or a DOCX file. Users with 'Standard' or 'Read-Only' permissions on the project's Commitments tool can export a commitment to the PDF file format if they have been granted access to the purchase order or subcontract via the Private drop-down list and the 'Allow These Users to See SOV Items' check box is enabled.
6 Users with 'Read-Only' permissions on the Commitments tool can perform these procedures if they are also listed in the Private field under the commitment's General tab.
7 Users with 'Read only' and 'Standard' permission (and who have NOT been assigned the granular permission detailed in the table) must also be a member of the 'Private' list.
8 Also requires 'Standard' or 'Admin' permission on the project's Change Events tool.
9 Users with 'Standard' level permissions on the project's Commitments tool can create PVs when they are added to the 'Private' drop-down list and the 'Allow Standard Level Users to Create PVs' configuration must be selected.
Co-ordination Issues
The following table highlights which user permissions are required to perform the described user action.
1 Users will also need 'Standard' or 'Admin' permissions on the RFIs tool.
2 'Standard' users can only edit, reopen and delete coordination issues that they created.
3 'Standard' users can only mark a coordination issue as complete if they are listed as the Assignee.
4 Users can only edit or delete comments that they have added.
5 Users can only reassign a co-ordination issue to another user if they are currently listed as the Assignee on the issue. However, 'Admin' users can change the assignee for a co-ordination issue by editing the Assignee field on the issue. See Edit a Co-ordination Issue.
6 Users will also need 'Standard' or 'Admin' permissions to the project's Observations tool.
Correspondence
The following table highlights which user permissions are required to perform the described user action.
: Denotes an action that is supported in Procore's iOS and/or Android mobile application.
1 Users with 'Read Only' level permissions and the necessary granular permissions on a correspondence type can perform this task for correspondence items that they created.
2 Users with 'Standard' level permissions on a correspondence type can perform this task for correspondence items that they created.
3 Users will need additional permissions depending on the new item's tool.
4 Users will need additional permissions on the project's Drawings tool.
Site teams
The following table highlights which user permissions are required to perform the described user action.
- Denotes an action supported in Procore's iOS and/or Android mobile application.
Task | None | Read Only | Standard | Admin |
---|---|---|---|---|
Add a Worker 1, 2 ![]() |
![]() |
![]() |
||
Create a Site team ![]() |
![]() |
![]() |
||
Delete a Site Team | ![]() |
|||
Edit a Site team 2 ![]() |
![]() |
![]() |
||
Edit a Worker 1 ![]() |
![]() |
|||
Remove a Worker 3 | ![]() |
|||
Search Site Teams | ![]() |
![]() |
![]() |
|
Search for a Worker | ![]() |
![]() |
![]() |
|
View a Site team ![]() |
![]() |
![]() |
![]() |
|
View a Worker ![]() |
![]() |
![]() |
![]() |
1 Users must also be granted 'Read Only' or 'Standard' level permissions on the Project level Directory tool with the 'Create Contacts' granular permission enabled on their permission template OR must be granted 'Admin' level permissions on the Project level Directory tool to perform this task.
2 Users with 'Standard' permission can only edit a site team when designated as the 'Crew Lead'. See Create a Site team.
3 'Admin' users must also be granted 'Admin' permission on the project's Directory tool to perform this task.
Site Diary
The following table highlights which user permissions are required to perform the described user action.
: Indicates an action supported in Procore's iOS and/or Android mobile application.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
2 Users with 'Standard' permissions who are granted the ‘Standard Users Can Edit and Delete Own Entries’ granular permission can edit or delete their own entries for days that have not been marked as complete.
3 Users with 'Read Only' or 'Standard' permissions who are granted the 'Collaborator Entry Only' granular permission can edit their own entries until they are approved.
4 Users with 'Read Only' or 'Standard' permissions who are granted the ‘Collaborator Entry Only’ granular permission can only view registers that they created.
5 The Calendar View is not visible to users with the ‘Collaborator Entry Only’ granular permission enabled on their permission template.
6 The granular permission for 'Collaborator Entry Only' has to be on a global template before the option is available in the Site Diary configuration settings.
Direct Costs
The following table highlights which user permissions are required to perform the described user action.
+ : Indicates that one or more granular permissions are available for the task. See the relevant tutorial or Grant Granular Permissions in a Project Permissions Template for more information.
Directory (Project Level)
The following table highlights which user permissions are required to perform the described user action.
Important
A user who is granted 'Admin' level permissions to the Project level Directory tool is also automatically granted 'Admin' permissions across all of the project's tools.: Denotes an action that is supported in Procore's iOS and/or Android mobile application.