# Contact Permissions {% hint style="success" %} **Audience:** Admins, Developers, Solution Architects **Purpose:** Explains how space.vars.contact permissions work in space.vars.Kizen\_company\_name, how they align with space.vars.object permissions, and how they control access to creating, editing, viewing, and performing bulk actions on space.vars.contact space.vars.entities. {% endhint %} ## Overview space.vars.contacts are a special type of space.vars.object used to represent people in the platform. space.vars.contact permissions determine: * Whether a user can see space.vars.contacts across the platform * Whether a user can create, edit, archive, or export space.vars.contact space.vars.entities * Whether a user can perform single or bulk actions on space.vars.contacts * How space.vars.contact access is enforced across the UI, APIs, space.vars.automations, integrations, and exports ### How Contact Permissions Work space.vars.contact permissions follow the same two-level permission model as other space.vars.objects, with additional system-level behavior specific to people, communication, and identity. Permissions are configured through Teams, Roles, and Permission Groups and govern space.vars.contact visibility, record access, and actions such as creating, editing, archiving, uploading, and exporting. In addition, space.vars.contacts include space.vars.contact field permissions, which control whether users can edit space.vars.contact-specific fields and settings that do not apply to space.vars.objects. For full details and examples, see [Object Permissions.](/docs/concepts/objects/object-configuration/object-permissions.md) *** ## Contact-Specific Permission Areas space.vars.contacts represent people, so their permissions include additional controls for communication, subscriptions, and identity-related actions. ### Accessing Contact Permission Settings {% stepper %} {% step %} #### Go to Contacts and select **Object Settings** from gear icon

{% endstep %} {% step %} #### Select the Permissions tab (Step 5 in Object Configuration)

{% endstep %} {% endstepper %} The Permissions step contains all available space.vars.contact permission settings.

All permissions discussed below can be located from this page. ### Single-Record Contact Actions space.vars.contacts include permissions that allow users to perform communication and interaction actions on individual space.vars.contact space.vars.entities.

Under **Perform Single Record Actions**, space.vars.contact-specific permissions include: * **Send Single Message:** Allows sending an email or text message from an individual space.vars.contact space.vars.entity * **Modify Agentic Workflow:** Allows starting, pausing, or cancelling space.vars.automations from the space.vars.contact context * **Team Associations:** Controls access to employee-based associations for space.vars.contacts * **Subscription Lists:** Allows viewing and managing a space.vars.contact’s email subscription status, including opt-in and unsubscribe state * **View Timeline:** Allows viewing message history and interaction activity for a space.vars.contact These actions do not exist for standard space.vars.objects because they depend on a Contact’s identity and system-managed communication status. Having permission to edit a space.vars.contact space.vars.entity does not guarantee that communication actions are available. Actions may still be restricted based on system-managed space.vars.contact state, such as email status, suppression, or integration configuration. ### Contact-Specific Bulk Actions space.vars.contacts also introduce bulk permissions for communication and subscription workflows that are not available on other space.vars.objects. These permissions control whether users can perform communication or subscription-related actions across multiple space.vars.contact space.vars.entities at once.

Under **Perform Bulk Actions**, space.vars.contact-only permissions include: * **Send Email:** Allows users to send emails to one or more space.vars.contacts, subject to email status, suppression rules, and permission checks * **Send Text:** Allows users to send text messages to one or more space.vars.contacts when SMS is configured and the space.vars.contact has a valid mobile number * **Send Survey:** Allows users to send surveys to space.vars.contacts as part of bulk communication workflows * **Change Tags:** Allows users to add or remove tags on one or more space.vars.contact space.vars.entities for categorization and segmentation * **Manage Subscription:** Allows users to view and update space.vars.contact email subscription status, subject to system-managed compliance rules Unlike generic bulk actions (such as changing field values or exporting space.vars.entities), these actions are explicitly tied to space.vars.contacts and reflect workflows that apply only to people. Bulk communication actions are still subject to: * space.vars.entity-level permissions * Field-level access * System-managed space.vars.contact state (such as opt-in status or suppression) ### Identity and Communication Field Permissions space.vars.contacts expose field-level permissions that directly affect identity and contactability.

When you scroll down further on the page, under **Individual Contact Field Permission (Set All)**, permission controls include: * **Email:** The primary identifier for a space.vars.contact, used to determine email contactability and enable email-based communication and space.vars.automations * **Email Status:** A system-managed field that reflects a space.vars.contact’s email opt-in and deliverability state and may block email sending regardless of user permissions * **Mobile Phone:** Determines SMS contactability and enables text messaging and SMS-based space.vars.automations when configured * **Tags:** A space.vars.contact-specific, dynamic field used for categorization, segmentation, and triggering space.vars.automations and bulk actions * **Timezone:** Stores a space.vars.contact's local time zone and may be used to schedule or personalize communication timing * **Birthday:** A date field used for personalization and date-based space.vars.automations and segmentation These fields differ from typical space.vars.object fields because they: * Determine whether communication actions are allowed * Are referenced by campaigns and space.vars.automations * May be partially system-managed (for example, Email Status) *** ## Contact Permissions in API Responses Permissions for space.vars.contacts are surfaced directly in API responses, just like other space.vars.objects. For more information, see [Object Permissions](/docs/concepts/objects/object-configuration/object-permissions.md). {% hint style="warning" %} **Caution**: space.vars.contact API responses indicate whether the current user can access, edit, create, or perform bulk actions on space.vars.contact space.vars.entities. space.vars.contact-specific communication actions may still be restricted by system-managed space.vars.contact state (such as email status or suppression), even when these permissions are present. {% endhint %} *** ## Important Considerations When working with space.vars.contact permissions, keep the following in mind: * Contacts follow the same permission model as space.vars.objects, but support additional system behavior * Platform-level space.vars.contact access does not imply space.vars.entity-level access * Missing space.vars.contact space.vars.entities or fields often indicate permission restrictions, not missing data * Bulk space.vars.contact actions are subject to the same space.vars.entity-level permission checks * Permission misconfiguration is a common source of space.vars.contact-related issues in both UI and API workflows *** ## What’s Next From here, you may want to explore other topics related to space.vars.contact Permissions below: