Managing permissions on Meta Business Suite is critical for maintaining brand security, ensuring proper access control, and avoiding unnecessary exposure of your Facebook, Instagram, and other Meta assets. This guide outlines how permissions work, how to add them the right way, and what common mistakes to avoid.
Overview: How Permissions Work on Meta
Meta Business Suite (formerly Facebook Business Manager) centralizes asset control for all Meta platforms—Facebook Pages, Instagram accounts, WhatsApp numbers, Ad Accounts, and more. There are two core ways to manage access:
Business Settings (Recommended) – Secure, centralized, auditable
Page-Level Access (Not recommended) – Isolated, non-transparent, hard to manage
Do: Use Business Settings to manage permissions securely
Don't: Avoid assigning roles directly via the Facebook Page or Instagram app
Step-by-Step: How to Securely Add People via Meta Business Suite
Step 1: Open Business Settings
Select your business account from the dropdown at the top-left (if managing multiple)
Step 2: Navigate to "People" and Add a User
Click “Users” → “People”
Click “Add”
Enter the user’s business email address
Choose their role:
Employee Access: Default, limited to selected assets
Admin Access: Full control (use only for internal senior roles)
⚠️Security tip: If the user is not a permanent user - choose "Temporary access" and set the needed date for terminating the access.
Step 3: Set General Access and Assign Asset Permissions
Once you've added the user's email and clicked “Next”, you'll need to configure two layers of access:
Choose the User's General Business Access Level
Meta Business Suite lets you define a broad role at the business level:
Role Type | Description |
Full Control | Grants full access to manage business settings, all assets, users, and financial details. Recommended only for senior internal staff. |
Partial Access | Allows access only to specific assigned assets (like Facebook pages, Instagram, ad accounts, etc.). Best for employees, vendors, or freelancers. |
Finance Analyst/Editor | Grants access only to financial information such as invoices, payment settings. Use for finance teams or accountants. |
⚠️Security Tip: Use Full Control sparingly. Most users should have Partial Access with asset-specific permissions.
Step 4: Assign Specific Assets and Configure Permissions
After setting the general access level, you’ll see a list of asset categories on the left side (Pages, Instagram accounts, Ad Accounts, WhatsApp, etc.), and on the right — a list of actual assets.
For each asset type:
1. Select the Asset Category (e.g., Facebook Pages)
Click on Pages, for example.
2. Choose the Page(s) You Want to Assign
Toggle on the specific Page(s) the user should access.
3. Set the Role/Permission Level per Page
Meta offers granular control within each asset type.
For Pages, for instance:
Permission Category | What it Includes |
Content | Create/edit/delete posts, Stories, and media |
Messages | Read and reply to messages and comments |
Community Activity | Manage interactions (hide/delete comments) |
Ads | Create/manage ads for the page |
Insights | View analytics for page performance |
Full Control | All of the above, plus assigning roles (like an Admin) |
Step 5: Send the Invitation and Ensure Proper Acceptance
After assigning general access and asset-specific permissions, click “Send invitation”. The invited user will receive an email from Meta with the subject like “You’ve been invited to join a business on Meta”.
Step 6: What the User Must Do
Open the invitation email.
Click the Accept Invitation link.
Log into their Facebook account (or create one if they don’t have one).
Once logged in, they’ll be redirected to accept access to:
The Business Account
The assigned assets (Pages, Instagram, Ad Accounts, etc.)
⚠️ If they don't accept the invite, they will not appear as active in the Business Settings, and will not be able to access any assets.
Troubleshooting Common Issues
If the wrong email was used, cancel the invite and send a new one.
If the invite expires (after a few days), you can resend it from the People tab.
If the user claims they cannot see assets, verify:
The email matches their Facebook account
The assets are still connected to the Business Manager
They accepted access from the correct link
Final Step: Remove Unauthorized Users via Page Setup
Even after assigning access properly through Meta Business Suite, there may still be users with direct Page-level access (e.g. added long ago or outside the Business Suite). These users remain invisible inside Business Settings and can pose a serious security risk if not removed.
You must manually revoke their access via the Page Setup section in the Facebook Page settings.
How to Review and Remove Access via Page Setup
📸 Refer to the screenshot you provided for context
Go to your Facebook Page
Click Settings & privacy
Select “Page setup”
Look for the section labeled Page Access
Review the list of users who have been granted access directly
For each user you want to remove:
Click the three-dot menu (⋯) next to their name
Select “Remove Access”
🔐 These users were likely added before your Meta Business Suite setup or via Facebook’s older interfaces. They can retain full admin privileges without your knowledge.
What to Look For
Personal Facebook profiles
Old employees or freelancers
Users who should now be managed only via Meta Business Suite
Why This Step Matters
Without Cleanup | With Page Setup Cleanup |
Hidden admins | ✅ Fully visible access |
No audit trail | ✅ Business-owned controls |
Risk of rogue actions | ✅ Secure and contained |
Internal Policy (Final Reminder)
“Once Meta Business Suite access is assigned, administrators must go to the Page Setup section and remove all direct page-level users to centralize control and ensure full visibility.”
This ensures that only users assigned through Business Suite retain access — keeping your brand secure and your asset management auditable.