Sawankr logo
Go Highlevel

GoHighLevel Sub-Accounts & User Roles: Complete 2026 Setup Guide

By Sawan Kumar
Share:
0 views
Last updated:

Quick Answer

Complete 2026 guide to GoHighLevel sub-accounts and the 4 user roles, with a 6-step setup plan that cuts new-client onboarding from 6 hours to 25 minutes and prevents the 4 most expensive permission accidents agencies make.

Key Takeaways

  • 1Build a master 'Template' sub-account with pipelines, calendars, and 3-5 core automations, then clone via Snapshot — cuts new-client setup from 6 hours to 25 minutes.
  • 2Default every new client to Account User role, never Account Admin — upgrade only after a 30-minute training and explicit sign-off.
  • 3Restrict Agency Users (VAs) to only the specific sub-accounts they manage — don't expose all clients in their dropdown.
  • 4Disable the four dangerous toggles for client users: Delete Contacts, Delete Workflows, Settings access, and Phone Number management.
  • 5Upgrade to Agency Pro ($497/mo) for unlimited sub-accounts and SaaS rebilling — the Starter plan's 1-sub-account cap kills agency scaling.

⚡ Quick Answer

A GoHighLevel sub-account is an isolated client workspace with its own contacts, pipelines, and automations, while user roles (Agency Admin, Agency User, Account Admin, Account User) control who can access what across those workspaces. According to G2's HighLevel reviews, account isolation and granular permissions are the top two reasons agencies switch from HubSpot or ActiveCampaign. Get this right on day one and you eliminate roughly 80% of the support tickets that hit new agencies in their first 90 days.

Getting GoHighLevel sub-accounts and user roles right from the start is the difference between a clean, scalable agency operation and a support nightmare where clients stumble into each other's pipelines.

A GoHighLevel sub-account is a fully isolated workspace created for each client inside your agency account. Each sub-account has its own contacts, pipelines, calendars, automations, and settings — completely separate from every other sub-account. User roles determine who can access what: Agency Admins see everything across all sub-accounts, while Account Users see only the specific client workspace you assign them to. Setting this up correctly the first time removes the single biggest source of client confusion in GoHighLevel onboarding.

What GoHighLevel Sub-Accounts Actually Are

Think of your GoHighLevel agency account as the head office. Every client you bring on gets their own branch — that branch is the sub-account. Inside that sub-account, you can build out their entire CRM, marketing automations, funnels, calendars, and reputation management — completely isolated from every other client's data.

Sub-accounts are not just organizational folders. They are distinct environments. A client logged into their sub-account cannot see any other client's data, contacts, or campaigns. An automation inside Client A's sub-account cannot trigger anything inside Client B's sub-account. This isolation is what makes GoHighLevel viable for agencies managing dozens of clients from a single platform.

In 2026, GoHighLevel also supports white-labeling at the sub-account level — meaning your client sees your brand, not GoHighLevel's. This matters for agency positioning: you are the platform, GoHighLevel is the engine running quietly in the background.

The Four GoHighLevel User Roles Explained

GoHighLevel has four distinct user roles, and understanding the difference between them is non-negotiable before you invite a single person onto the platform.

  • Agency Admin: Full access to everything — the agency dashboard, all sub-accounts, billing, SaaS configuration, API keys, and the ability to create or delete sub-accounts. Reserve this role for yourself and, at most, one trusted operations lead.
  • Agency User: Can access the agency dashboard and work inside sub-accounts with restrictions you configure. This is the right role for internal team members managing multiple client accounts — account managers, fulfillment staff, onboarding specialists.
  • Account Admin: Full control within a single sub-account — contacts, pipelines, automations, settings, and user management within that workspace only. Assign this to a client's internal marketing manager who needs deep access to their own environment.
  • Account User: The most restricted role. Accesses only the specific modules you explicitly enable — Conversations, Contacts, Calendars, Opportunities. Ideal for client staff who need to work the pipeline without touching automations or account settings.

The principle I apply here is the same one I teach to over 79,000 students across my courses: give people the minimum access they need to do their job. Over-permissioning is a one-way door — cleaning it up is always harder than setting it right the first time.

How to Create a GoHighLevel Sub-Account Step by Step

Creating a sub-account takes under five minutes once you know the sequence.

  • Log into your GoHighLevel agency dashboard.
  • Click Accounts in the left sidebar, then select + New Account.
  • Fill in the business name, address, phone number, and timezone. Use your client's actual business details — these populate CRM defaults and appear inside automated messages.
  • Choose a snapshot if you have one. Snapshots are pre-built configurations — funnels, automations, pipelines — that load automatically into the new sub-account. Using a snapshot cuts client onboarding from hours to under 30 minutes.
  • Set the subscription plan if you are running SaaS mode. This controls which features your client can access without manual toggling after setup.
  • Click Save. The sub-account is live and accessible from your agency dashboard immediately.

After creating the sub-account, go into it immediately and verify the default timezone, currency, and business phone number. These three settings cause the most downstream errors when left at US defaults for a client based in the UAE, India, or anywhere outside North America.

Assigning Staff and Client Access Correctly

Once the sub-account exists, inviting users with the wrong role is the most common setup error I see agencies make.

To invite a user: navigate into the sub-account, go to Settings → Team, and click + Add Employee. Enter their email, select their role — Account Admin or Account User — and configure exactly which modules they can access: Conversations, Contacts, Calendars, Opportunities, Reporting.

For client staff at the Account User level, be deliberate. A sales rep needs Conversations and Opportunities. They do not need Automations, Settings, or Integrations. Leaving those enabled is how clients accidentally delete the workflows you spent days building for them.

For your own internal agency team, use the Agency User role and assign them specifically to the sub-accounts they manage. An Agency User with no sub-account assignment cannot see any client data — a useful safeguard when onboarding contractors or part-time help.

Client-facing logins show only the sub-account UI, not the agency dashboard. A client sees their own contacts, pipelines, and settings — nothing else. No other clients, no agency billing, no SaaS pricing. That isolation is what makes GoHighLevel a trustworthy long-term client platform.

Common Permission Mistakes Agencies Make

After working through GoHighLevel configurations with agencies across dozens of setups, the same four errors appear every time.

  • Assigning client staff as Agency Users. This exposes your agency dashboard and every other client's sub-account list. Client staff always go into Account-level roles — never agency-level.
  • Leaving all modules enabled for Account Users. GoHighLevel defaults often enable every module on invitation. Manually uncheck Automations, Settings, and Integrations for any client-facing login before you send the invite.
  • Skipping snapshots. Building each sub-account from scratch creates inconsistency and wastes hours. Build one tested master snapshot and load it every time a new client account is created.
  • Sharing Agency Admin credentials. Every person who needs platform access gets their own account with the appropriate role. Shared logins are a security liability and make accountability impossible when something breaks.

Pro Setup Tips for Agencies Managing Multiple Clients

When you cross five or six active sub-accounts, the gap between a tidy operation and a chaotic one becomes visible fast.

Name sub-accounts with a consistent convention — client name plus onboarding date or a short unique code. At 30 sub-accounts, scannable naming saves minutes every single day. At 100, it saves hours every week.

Document a role template before your next onboarding call. Decide in advance which modules the Account Admin gets, which the Account User gets, and which your Agency Users can access. Apply it identically every time. Consistency is what eliminates the support tickets that quietly drain agency margins.

Run a permission audit every quarter. Former client employees retain full login access until you deactivate them manually — that is a live data security issue your client almost certainly does not know they have.

GoHighLevel sub-accounts and user roles are the structural backbone of any agency running more than one client — get the foundation right and every delivery that follows is faster, cleaner, and easier to hand off. Your immediate next step: create one sub-account today using a snapshot, invite a test user at each role level, and verify exactly what each role can and cannot see before any paying client logs in for the first time.

Keep Learning

If this was useful, these are worth reading next:

RoleScopeCan Delete Data?Sees Billing?Best For
Agency AdminAll sub-accountsYes — everythingYes (full)Agency owner only
Agency UserAssigned sub-accounts onlyConfigurableNoInternal team / VAs
Account AdminSingle sub-accountYes — within sub-accountNoTrained client lead
Account UserSingle sub-accountNo (configurable)NoDay-1 client default
Restricted ClientConversations + Calendar onlyNoNoClient's sales reps

Source: GoHighLevel Official Help — User Roles & Permissions (2026).

Frequently Asked Questions

Tags:
sawan kumar
sawan kumar videos
gohighlevel permissions
gohighlevel sub accounts
gohighlevel for agencies
gohighlevel role settings
gohighlevel tutorial
gohighlevel account setup
gohighlevel team access
ghl permissions explained

Ready to Level Up?

LearnBrowse 71 CoursesAI, Automation, Real Estate & more by Sawan KumarStart SellingShopify — 3 Days FreeThen just $1/mo for 3 months. Build your store today.AutomateGoHighLevel BootcampFree 30-day no-risk live bootcamp. Scale your business.
Agency EssentialRecommended for you

📚 Master GoHighLevel: Funnels, Landing Pages & Automation

Build funnels, automate marketing, deploy AI chatbots, and scale your agency with GoHighLevel.

View Course →
$49$199
Don’t have GoHighLevel yet? Start your free trial →
FreeMini-Course

Want to master Go Highlevel?

Get free access to our mini-course and start learning with step-by-step video lessons from Sawan Kumar. Join 79,000+ students already learning.

No spam, ever. Unsubscribe anytime.

Agency Essential

Master GoHighLevel: Funnels, Landing Pages & Automation

Build funnels, automate marketing, deploy AI chatbots, and scale your agency with GoHighLevel.

$49$199
Enroll Now →Don’t have GoHighLevel yet? Start your free trial →

30-day money-back guarantee

Free Strategy Call

Want personalised help with Go Highlevel?

Book a free 30-min call with Sawan — no pitch, just clarity.

Book a Free Call

79,000+ students trained