User Role - Restrict access to specific Settings
Ability to customise user roles to restrict some access in Xero.
Purpose: Some staff should only have limited access in Xero.

Hi everyone, we appreciate all your feedback on how we could evolve roles for customers using Xero. As you can see through the ideas on the platform, there are a wide range of combinations of permissions our customers want to see us build. As user roles impact all areas of the product, there are many considerations we must factor in when assessing how to solve for the majority of our customers’ needs.
We’re beginning to conduct research on the current landscape and how we might approach some of the most predominant needs in roles for our customers. Front footing this, the discovery of this work will be long-winded and there will be multiple phases of research and forms of engagement with users that’ll help shape the path ahead in this space.
We’d like to invite you, our community, to be part of this research and discovery. This may involve interviews and sharing further feedback through direct surveys or questionnaires.
✍️ If this is something you’d be interested in taking part in, please fill in our short form here.
Though we won’t be able to invite everyone into every stage, our research team will be in touch with many of you over the coming months.
We will be back to share on the outcomes of our research and any progress around development of roles in Xero.
-
Vidhya Jayawardena commented
Hi. Xero allows restricted access to reports as a whole on the Standard user profile. However, the standard user still has access to the chart of accounts, where they can edit, add and even view details of the balance and breakdown for the current period. Therefore, giving them access to balances. Our clients would want access restricted on the chart of accounts for standard users as well as giving them access to only certain reports.
-
Alison Tyler commented
Is there any progress on this query? I have several clients who want staff members to have access to certain reports, and debtors and creditors but not to the bank statement or balances. For my practice I would like my bookkeeper to have access to debtors and creditors, and invoicing and bills plus the credit card bank account, but not the main cheque account or call account linked to the cheque account. Is this possible?
-
Campbell Green commented
Granular Access Control – Secure, Zero Trust Permissions
Control-C’s new security model introduces a level of granularity never seen before in managing access to your Xero financial data. Traditionally, giving an employee access to run an Aged Payables or Aged Receivables report meant exposing your entire financial landscape – including sensitive areas like your Profit & Loss, balance sheet, bank transactions, and even other employees’ bonus information. Xero’s native user roles are fairly broad (e.g. standard user or advisor roles grant wide access). Not anymore. With Control-C’s Zero Trust-based security framework, you can now restrict access to just the specific data or reports your team members need – and nothing more. Want a staff member to run only the Aged Receivables report? You can grant that exact permission, without also giving away the rest of your accounting info. No more over-exposure or “all-or-nothing” access. For example, an accounts clerk can be set up to view and export customer invoices and aging reports, but cannot see the general ledger or payroll details. A junior bookkeeper could be limited to inputting bills and viewing the payables report, without any visibility of bank balances or management reports. You define roles at a fine-grained level – a stark contrast to Xero, where even a read-only user can see almost everything.
This precision access control is built from the ground up, aligning with modern Zero Trust security principles that assume no implicit trust – every access is explicitly granted and minimal. For accountants and compliance officers, this means better internal controls and cleaner audit trails. You can demonstrate that even within your organisation, sensitive financial data is only accessible on a strict need-to-know basis. For instance, an auditor or external accountant could be given a special “Auditor” role on Control-C: read-only access to relevant reports and the audit log, but nothing else. Meanwhile, your sales manager might have access to customer contact list backups (for business continuity) but not to any financials. These tailored permissions greatly reduce the risk of internal data leaks or unnecessary snooping.
For business owners, the benefit is peace of mind and professionalism. You no longer have to say, “I’ll give my assistant access to Xero, but I hope they don’t poke around the salaries or bank accounts.” Instead, you define their role on Control-C to exactly what they require (perhaps invoice creation and nothing else). It shows a commitment to confidentiality: employees see only what’s relevant to their job, which also reduces temptation and errors. And because the platform logs every access and download, you have a full audit trail of who viewed or exported data.
This Zero Trust security model is a unique selling point of Control-C’s platform. It effectively adds a new permission layer on top of Xero’s data, one that many businesses have long wished Xero itself had. By deploying it, you protect sensitive information by default while still empowering your team with the tools they need. The result is a more secure, compliant operation, where data access is precisely aligned with role and purpose – no more, no less.
If you would like to learn more visit Control-C.com or find us in the Xero App Store.
-
Louise Jones commented
Is there any update on this? Have had a couple of clients wanting some new employees to have access to purchases, some reports re purchasing but not to have access to sales, bank etc.
Makes it very difficult. Can access not be on a selection basis when adding a user - similar to the difference between advisor / standard level and whether you tick to select VAT, projects etc.? It would be an easier way, then you could have more flexibility to add users.
-
Graeme Ellisson commented
All products need to evolve and one area that is almost always neglected by non-Enterprise platforms is the Enterprise security model ESAM. To understand this one needs to have experience of Enterprise environments & security. Non-Enterprise developers and product leads will default to the view that their platform is not an Enterprise platform so this point is irrelevant. This is actually misguided as many smaller companies operate Use Cases that are in fact just like an Enterprise organisation, only on a much smaller scale. Given cloud based is just another term for hosted, hosted platforms benefit from an ESAM. There is a cost but technical architects should prioritise this as products develop.
In our case, we have deployed Xero Me which the Users believe has solved world peace - going from a paper based process to self managed for company paid expenses (albeit surrounded by a bit of confusion as to why mileage has to be included). But, unfortunately, we do regularly handle cash in a few offices which is going to be hard to prevent for a number of reasons - not to mention that legally one can't not take cash.
The problem is there is no Xero Me sales receipt equivalent functionality where offices receiving cash can register as banked or petty cash.
Notwithstanding my comments around ESAM, which I do believe is a key requirement for a number of other limitations, adding a receipt function in Xero Me should not be too difficult as it is the same process but a debit instead of a credit.
-
Theresa Waters commented
We would also appreciate an update
-
Sharon Mulcahy commented
Is there an update please on this functionality? I have a colleague who we want to attach credit card receipts, but not to have access to the bank account.
-
Paolo Coniglio commented
This is an interesting one for me. In 2018 Xero launched a whole new navigation bar that in all honesty took me ages to get used to. The available options on the drop-down menus made little logical sense, especially compared to the old navigation.
It took so long for me to remember where the various options had been moved. When we asked why this change was made, we were told it was designed to help Xero build a more robust user experience.
That was never delivered. Now Xero is changing both the Dashboard and the navigation bar AGAIN and it's almost going back to the old options (which made so much more sense).
So after shuffling the position of commands multiple times (making it so much harder for consultants to train and maintain their training resources), are we finally going to get a better user management experience?
This is another one of those feature requests that has been on the cards for years with little to no progress. With Xero's integration growing more and more making it suitable for larger businesses, a better user management experience is becoming a must to preserve access to Financial Information.
I have so many clients that have lower level clerks going through the bank feeds to fetch documents but they don't want these clerks to see for example the bank account balance or they want to be able to pick and choose which bank accounts these employees should interact with. That seems perfectly logical to me.
-
Libby Gaynor commented
We should be able to choose if a user that has invoices and purchase access also has access to the Items reports, sales reports and purchases reports. It is useless having such extreme difference between standard and basic access. Business owners do not want everyone seeing their bank account balance and their Profit and loss and balance sheet.
-
Leanne Fromont commented
I think Xero's approach should be, "Where can we make access available now?" It should also be a table of selectable access that gives the owners the decision on what access they need for their staff, rather than creating pre-defined roles.
I understand that software functionality creates restrictions for flexibility, but I have worked with many different software platforms that do this well.
-
Stuart Mohamed commented
@Chris Fox - I hadn't considered the security issues in the manner you describe to be honest but now you mention it, it is inconceivable what might happen if an employee goes 'rogue'.
-
Chris Fox commented
We need to be able to restrict the users who can make changes to the branding themes (invoice templates). If users are not authorised to update supplier bank details, then they should not be authorised to add/edit bank details on the .docx templates either. This represents an unacceptable risk, as incorrect bank details could be added, leading to customer payments being diverted.
Furthermore, there is no audit trail of changes to the templates, so a user could temporarily change them and then reinstate the originals without leaving any trace.
-
Michelle Bertucci commented
Variable user restrictions on bank accounts is vital to privacy within our business.
-
Anthony Jelich commented
I need the ability to limit the bank accounts which are visible to users. Some staff only need access to our trust account transactions, others doing accounts receivable only need access to our deposit account. Currently it appears to be all or nothing and I don't need every employee I have knowing all of my business.
-
Helen Shadbolt commented
Please enable the ability to restrict the Invoice Only-->Sales role from being able to approve and send invoices. This should be a simple tick box like ability to lodge BAS. I need staff to be able to access any invoice created (not just their own) but the only option then is to enable full access to approve and send invoices which can be a disaster. The placement of the 'save and close' and 'approve and send' buttons does not help this situation.
-
Emma Hards commented
We need to block invoice only users from creating contacts, I do not have the time to keep housekeeping hundreds of contacts that lower level staff are creating, I have no control over this.
-
Sue Griggs commented
Hello, I would like my assistant to access vendor reports and customer reports but not the balance sheet or other reports as this has caused our company problems where they can see what other people get paid.
Xero needs to be more flexible with permissions, this needs to be actioned fast as my assistant can not do half of her job and would look at moving away from Xero for all of our companies.
-
Leisa Sheath commented
I would like to see more options in user access.
Payroll not just Admin or not. Example need admin access but not all the emails like timesheet approvals.
If you have multiple users doing similar work but not all you should be able to give partial access (not just in Payroll)
-
Campbell Green commented
Hi everyone,
I understand that many of you are facing challenges with Xero's current permissions settings, especially when it comes to restricting access to specific bank accounts or transactions. While Xero may not have an immediate solution for these issues, I wanted to let you know that Control-C might be able to help.
As an add-on partner for almost 10 years, Control-C has developed a platform that can surface the required access to view-only data that your team members need to do their job. This ensures that sensitive information, such as staff wages and bonuses, remains confidential while allowing your colleagues to perform their roles effectively.
Having worked at Xero, I appreciate the complexities involved in retrofitting features into an established system. It's a challenging task, and I understand why some features might not be available yet. Our goal at Control-C is to provide you with the tools you need to manage your financial data securely and efficiently, complementing Xero's capabilities.
If you're interested in learning more about how we can help, please feel free to reach out to us through the Xero app store or the Control-C website.
Best regards,
Campbell Green
control-c.com
-
Stuart Mohamed commented
@Luke Abbott - 368 days since last update