Skip to main content

Access & Sharing

Access to Locker is managed through your organization's roles, not document by document. When a team member has the right role, they can see everything in the repository that their access level allows. No per-document sharing step is required.

Give a Team Member Access

If a colleague can't see Locker or can't perform an action they need, an organization admin can invite them or update their role.

Invite a New Member

  1. Go to Organization → Members.
  2. Click Invite Member, enter their email, and assign a role with the appropriate Locker access.
  3. They accept the invitation and immediately have access based on their role.
Coming Soon

Screenshot: locker-invite-member, the Invite Member dialog in Organization → Members with a role selected

See Roles to find which role gives the access level you need.

Change an Existing Member's Access

  1. Go to Organization → Members.
  2. Find the member and click Edit Role.
  3. Select the new role and save, the change takes effect immediately on their next page load.
warning

Roles are org-wide and affect access across all Propper products, not just Locker. Review the full role before making changes to avoid unintended access elsewhere.

External Sharing

Locker doesn't support per-document share links. Use the appropriate method below depending on who needs access and why.

ScenarioRecommended approach
Auditor or regulator needs to review documentsDownload the relevant files and share via your secure file transfer channel. See Downloading Documents.
Counterparty needs to sign a documentUse Propper Sign to send the document for signature, then store the executed copy in Locker.
External consultant needs temporary read accessInvite them with a Viewer role (view access). Remove them from Organization → Members when the engagement ends.
External team needs ongoing read accessInvite them with an appropriate role and manage their access under Organization → Members.
Coming Soon

Screenshot: locker-external-sharing-options, the external sharing scenario table or a workflow showing the invite and remove steps for temporary access

Temporary external access

For short-term access, invite the external party as a Viewer. This gives them read-only access to the full repository. When the engagement ends, remove them from Organization → Members, their access is revoked immediately.

This is by design. Tying access to authenticated, audited identities, rather than links that can be forwarded or leaked, ensures Locker meets compliance and audit requirements. Every access event is logged against a known user, not an anonymous link.

When You Need Finer Access Control

If your use case requires giving someone access to specific documents without granting full repository access, consider these options:

  • Invite with Viewer access and audit regularly, For most cases, view-only access with periodic access reviews is sufficient. Remove users when they no longer need access.
  • Download and deliver specific files, For one-off requests, download the documents and send through your secure external channel.
  • Use Sign for document delivery, If the external party only needs to receive and sign a copy, Propper Sign is the right tool. The executed document then lands in Locker under your organization's control.
  • Separate organizations for strict isolation, If two teams must have completely separate repositories, they can each have their own Propper organization. Contact your account team to discuss multi-org setups.
note

Per-document access control, granting specific users access to specific documents without full repository access, is not on the current roadmap. If this is a significant need, let your account team know.

Audit Log

All document access, views, downloads, and metadata changes, is recorded at Organization → Audit Logs. Admins can see who accessed which documents and when, providing a complete access trail for compliance and security review.