I expect that it is best and simplest to have just one ‘master’ folder of the same name on each device and to Sync just that folder as the ‘master’ folder and then put any folders you wish to sync inside the ‘master’ folder?
Then, if we want to sync folders with ‘permissions’ or limit access, to then create user-group named folders and sync just those to the correct users?
I ask this as I can see that dozens of folders may be complex, slow or difficult to manage?
It depends on your specific needs, but one “master” folder approach is definitely simpler. However, if you end up having to use ignore patterns on each device to sync only a few folders out of many others, then in that case I usually prefer to just have the folders shared as separate entities instead.
On a side note, you’ve mentioned “permissions” and “limiting access”, but please keep in mind that Syncthing doesn’t really support any type of “central management”. In other words, you can’t really prevent a specific device from making changes to the files (unless you utilise the operating system’s restrictions for it, but that’s completely separate from Syncthing).
In general, I see two reasons why one would want to split the sync to different shared folders:
The directory layout including subdirectories is not supposed to be the same on all devices.
The set of devices with which to share is not the same for the whole dataset or some parts need special folder types like send-only or receive-only on any device.
If those are none of your concerns, starting with a single shared folder is probably the best idea among your own devices. Other needs will pop up eventually and can warrant adding separate shared folders. Fortunately, Syncthing does support this, in contrast to e.g. Dropbox or the like only providing one central location for synchronization.