diff --git a/website/docs/reference/project-collaboration-mode.md b/website/docs/reference/project-collaboration-mode.md
index 289c138288..6e0935f0ca 100644
--- a/website/docs/reference/project-collaboration-mode.md
+++ b/website/docs/reference/project-collaboration-mode.md
@@ -32,14 +32,16 @@ All users of your Unleash instance can view the project but only project Members
 
 ### Private collaboration mode
 
-Only project Members, Admins, Editors, and users with [custom root roles](./rbac#custom-root-roles) can view the project. Viewers, who are not project Members, can't see the project in the project list. Only project Members and Admins can submit change requests. 
+Only project Members, Admins, Editors, and users with any [custom root role](./rbac#custom-root-roles) can view the project. Viewers, who are not project Members, can't see the project in the project list. Only project Members and Admins can submit change requests. 
+
+To grant users visibility into private projects through a custom root role, you must assign the role directly to the user rather than through a [user group](/reference/rbac#usergroups).
 
 
 |           | View project                                                                                    | Submit change requests     |
 |-----------|-------------------------------------------------------------------------------------------------|----------------------------|
 | Open      | All users                                                                                       | All users                  |
 | Protected | All users                                                                                       | Project Members and Admins |
-| Private   | Project Members, Admins, Editors, and users with [custom root roles](rbac.md#custom-root-roles) | Project Members and Admins |
+| Private   | Project Members, Admins, Editors, and users with any [custom root role](rbac.md#custom-root-roles) assigned directly (not through a user group) | Project Members and Admins |
 
 ## Set project collaboration mode
 
diff --git a/website/docs/reference/rbac.md b/website/docs/reference/rbac.md
index 95186094e4..4eac27385a 100644
--- a/website/docs/reference/rbac.md
+++ b/website/docs/reference/rbac.md
@@ -326,6 +326,8 @@ Groups themselves do not grant permissions. To be functional, a group must eithe
 A user can belong to multiple groups, and each group a user belongs to can have a different role assigned to it on a specific project.
 If a user gains permissions for a project through multiple groups, they will inherit the most permissive set of permissions from all their assigned group roles for that project.
 
+You can’t add a group with a [custom root role](#custom-root-roles) to a project. If you need both root-level and project-level access through [group syncing](#set-up-group-sso-syncing), you can sync the same directory group from your Active Directory or identity provider to two separate Unleash groups: one for root permissions and one for project access.
+
 ## Set up group SSO syncing
 
 :::note Availability