# Recommended permissions šŸ“ Find out how to lock down published spaces to protect approved content, and how to configure draft spaces for collaboration and privacy. **Protect your published content, empower your draft creators, and stay in control** Setting up the right permissions is key to making your publishing workflows in Capable both safe and efficient. A good permission structure ensures: * āœ… Approved content is protected and trusted * āœ… Only the right users can create and collaborate in drafts * āœ… Audiences can access published content without accidentally editing it This guide outlines recommended permission settings for both **draft spaces** and **published spaces**, based on typical team use cases. --- ## [#](#published-spaces-lock-down-for-trust)Published Spaces: Lock Down for Trust **Recommended Rule**: _No one should be editing content directly in the published space._ Once content has been reviewed and approved, it becomes a **single source of truth**. Allowing edits directly in the published space bypasses your approval workflow, and can lead to: * Inaccurate or out-of-date information * Untraceable changes * Broken trust with users or stakeholders ### [#](#what-to-set)What to Set: * **Grant View (read-only) access** to anyone who needs to consume the content * **Deny Edit/Delete/Update permissions** to all contributors * **Optionally allow anonymous access** if this space is a public help center or external documentation site * **Restrict space admin rights** to a small number of trusted owners ### [#](#example-use-cases)Example Use Cases: | **Use Case** | **View Access** | **Edit Access** | | ----------------------------------------- | ---------------------- | --------------- | | Internal knowledge base for all employees | All logged-in users | None | | Public help center | Anonymous/public users | None | | Customer support portal | JSM users via portal | None | > šŸ’” All edits should happen in the draft space. If updates are needed, edit the draft and republish. --- ## [#](#draft-spaces-enable-collaboration-hide-from-others)Draft Spaces: Enable Collaboration, Hide from Others Draft spaces are your teamā€™s working area. Here, content is created, discussed, and revisedā€”possibly many timesā€”before itā€™s published. These spaces should be **private**, and only accessible to people who are actively contributing or reviewing content. ### [#](#what-to-set-1)What to Set: * **Grant full edit (Add/Edit/Delete/Comment) permissions** to: * Authors * Editors * Approvers (if theyā€™ll be leaving inline feedback) * **Hide the space** from users who are not directly involved * **Optionally restrict view access** to keep drafts completely private ### [#](#example-scenarios)Example Scenarios | **Role** | **Access in Draft Space** | | ------------------------------------ | ------------------------- | | Technical writer | Edit & create | | Knowledge manager | Edit & approve | | Product manager (approver) | View & approve | | Regular team member not contributing | No access | > āš™ļø Note: For staged workflows (e.g. Product ā†’ Legal ā†’ Marketing), each stage can have its own draft space with a unique permission set. --- ## [#](#summary-permission-guidelines)Summary: Permission Guidelines | **Space Type** | **Who Can View** | **Who Can Edit** | **Notes** | | ------------------- | ----------------------------- | --------------------------- | ------------------------------ | | **Draft Space** | Only contributors & approvers | Authors, editors, approvers | Hide from others | | **Published Space** | Anyone who needs the content | No one | Trusted, approved content only | --- ## [#](#pro-tips)Pro Tips * šŸ›  Use Confluence's space permission settings to enforce these rules * šŸ”’ Lock down published spaces at the page and space level * šŸ‘ Use Confluenceā€™s anonymous access settings for public-facing docs * šŸ§¾ For compliance workflows, combine permissions with Capableā€™s **approval logs** and **publish history** to maintain traceability