Squarespace allows multiple people to access and manage a website through its contributor permission system. Understanding roles, permissions, and how to manage contributors is essential for team collaboration and site security.
What is a Contributor?
A contributor is anyone with access to your Squarespace site's admin panel beyond the site owner. Contributors can have different permission levels depending on their role.
Key Concepts
- Owner: The person who created the site or billing account (only one owner per site)
- Administrator: Full access to site except billing and ownership transfer
- Contributors: Various permission levels for specific tasks
- Billing Access: Separate permission for managing billing information
Why Use Contributors?
Common Use Cases
Agency or Developer Access:
- Web designer needs to build/edit site
- Developer implementing tracking or custom code
- Temporary access for specific projects
Team Collaboration:
- Marketing team managing blog posts
- Social media manager updating content
- E-commerce manager handling products
Content Editors:
- Writers creating blog posts
- Product managers updating inventory
- Customer service updating FAQ pages
Analyst Access:
- Analytics team viewing data
- Read-only access for reporting
- Limited editing capabilities
Squarespace Permission System
Permission Levels
Squarespace offers granular permission controls:
| Permission Level | Description | Typical Use |
|---|---|---|
| Owner | Full access including ownership transfer | Site owner only |
| Administrator | Full access except billing and ownership | Trusted team members, agencies |
| Website Editor | Can edit pages, not settings | Content managers |
| Store Manager | Manages products, orders, customers | E-commerce team |
| Blog Editor | Creates and edits blog posts | Writers, content team |
| Commenter | Can leave comments only | Limited access |
| Reporting | View analytics only | Data analysts |
| Scheduling | Manage appointments (if enabled) | Service businesses |
See Roles and Permissions for detailed breakdown.
Access Control Best Practices
1. Principle of Least Privilege
Give contributors only the access they need:
- Blog writer? Blog Editor, not Administrator
- Viewing analytics? Reporting, not Website Editor
- Product manager? Store Manager, not full Administrator
2. Regular Access Reviews
- Review contributors quarterly
- Remove inactive users immediately
- Update permissions when roles change
- Audit who has Administrator access
3. Use Specific Permissions
Instead of:
- Making everyone an Administrator
Do:
- Assign specific role permissions
- Grant temporary access when needed
- Revoke when project complete
4. Separate Billing Access
- Keep billing separate from site access
- Only trusted team members need billing access
- Use different permission for financial data
Managing the Contributor Lifecycle
Adding Contributors
Determine Required Access:
- What does this person need to do?
- For how long?
- What should they NOT be able to access?
Send Invitation:
- Get contributor's email
- Choose appropriate permission level
- Set expectations for access duration
Verify Access:
- Confirm they received invitation
- Test that permissions are correct
- Document who has what access
See Adding and Removing Users for step-by-step instructions.
Updating Permissions
When contributor roles change:
- Review current permissions
- Adjust to new role requirements
- Notify contributor of changes
- Document the update
Removing Contributors
When access is no longer needed:
- Remove contributor immediately
- Don't wait for "someday"
- Document removal and reason
- Verify removal completed
Squarespace Account Types
Individual Site Access
- Access to specific Squarespace site only
- Most common for contributors
- Tied to the specific website
Squarespace Account Access
Contributors may have:
- Personal Squarespace account (their own sites)
- Access to your site as contributor
- These are separate
Important: Removing contributor from your site doesn't delete their Squarespace account.
Common Scenarios
Scenario 1: Hiring a Web Designer
Initial Setup:
- Designer needs Administrator access to build site
- Add as Administrator
- Set expectations for timeline
After Launch:
- Reduce to Website Editor (if ongoing content support)
- Or remove completely if one-time project
- Keep contact for future emergency access
Scenario 2: Content Team
Setup:
- Writers: Blog Editor permissions
- Editors: Website Editor permissions
- Marketing lead: Administrator permissions
Ongoing:
- Review quarterly
- Adjust as team members change
- Remove when people leave company
Scenario 3: Analytics Agency
Setup:
- Analyst needs to implement tracking: Temporary Administrator
- After setup: Reduce to Reporting (read-only analytics)
- Or provide GA4 access directly (not Squarespace access)
Alternative:
- Share GA4 property access instead
- No Squarespace contributor needed
- More secure, limited access
Scenario 4: E-commerce Manager
Setup:
- Store Manager permissions
- Can manage products, orders, inventory
- Cannot change site design or billing
Benefits:
- Focused access for role
- Can't accidentally break site design
- Appropriate for employee role
Security Considerations
Protect Your Site
Don't Share Owner Login:
- Never give out owner credentials
- Always use contributor system
- One compromised account = whole site at risk
Use Strong Passwords:
- Require contributors use strong passwords
- Enable two-factor authentication if available
- Don't reuse passwords
Monitor Contributor Activity:
- Review site activity logs
- Notice unusual changes
- Investigate unexpected modifications
Remove Access Promptly:
- When employee leaves
- When contract ends
- When project completes
- When relationship ends
What Contributors Can Access
All contributors can potentially:
- See custom code in Code Injection
- View integrations and API keys
- Access customer data (if Store Manager)
- See analytics data
- Export certain data
Protect sensitive data:
- Don't store passwords in Code Injection comments
- Use environment variables for API keys when possible
- Limit Store Manager access to those who need it
- Regularly audit who has access to what
Squarespace Plan Requirements
Business and Commerce Plans
- Unlimited contributors
- All permission levels available
- Full control over access
Personal Plans
- Limited to 2 contributors
- Basic permission levels
- May not have all granular permissions
If you need more contributors:
- Upgrade to Business plan
- Or remove inactive contributors to make room
Communication Best Practices
When Adding Contributors
Send them:
- Welcome email with access details
- Overview of what they can/can't do
- Timeline for their access
- Contact person for questions
- Documentation or training materials
When Changing Permissions
Notify contributor:
- What's changing and why
- New scope of access
- Effective date
- Who to contact with questions
When Removing Access
Professional communication:
- Thank them for their work
- Explain access is no longer needed
- Provide alternative contact method if ongoing relationship
- Document the change
Troubleshooting Common Issues
Issue: Contributor Can't Log In
Possible Causes:
- Invitation not accepted
- Wrong email used
- Password reset needed
- Account not activated
Solutions:
- Resend invitation
- Verify correct email address
- Check spam/junk folder
- Try password reset
Issue: Contributor Can't Access Specific Feature
Cause: Insufficient permissions
Solution:
- Review their permission level
- Upgrade permissions if appropriate
- Or explain what they can/can't do
Issue: Too Many Contributors (Personal Plan)
Solutions:
- Remove inactive contributors
- Upgrade to Business plan
- Use alternative access methods (share screenshots, GA4 access)
Issue: Contributor Made Unwanted Changes
Solutions:
- Use site version history to restore
- Review and update their permissions
- Consider removing access if serious
- Implement change approval process
Documentation & Record Keeping
What to Document
Keep a record of:
- Who has access (name, email, role)
- Permission level
- Date added
- Date removed (if applicable)
- Purpose of access
- Project or reason for access
Sample Contributor Log
| Name | Permission | Added | Removed | Purpose | |
|---|---|---|---|---|---|
| Jane Designer | jane@agency.com | Administrator | 2024-01-15 | 2024-03-01 | Site redesign |
| John Analyst | john@analytics.co | Reporting | 2024-02-01 | - | Monthly reporting |
| Sarah Writer | sarah@company.com | Blog Editor | 2024-01-10 | - | Content creation |
Migration and Handoff
Transferring Ownership
When selling site or changing ownership:
Prepare for Transfer:
- Document all contributors
- Export important data
- Note all integrations and custom code
Transfer Process:
- Squarespace has specific transfer process
- Follow their documentation
- Verify transfer completed
After Transfer:
- New owner controls all contributor access
- You may lose access
- Plan accordingly
Agency to Client Handoff
Before Handoff:
- Document your access level
- Create handoff documentation
- Train client on contributor management
During Handoff:
- Client should be owner
- Your access reduced or removed
- Create new contributor account for ongoing support if needed
After Handoff:
- Maintain emergency access if contracted
- Or remove access completely
- Document the arrangement
Related Topics
- Roles and Permissions Details - Comprehensive breakdown of each permission level
- Adding and Removing Users - Step-by-step guide for managing contributors