Enter your idea

I think Xero's approach should be, "Where can we make access available now?" It should also be a table of selectable access that gives the owners the decision on what access they need for their staff, rather than creating pre-defined roles.
I understand that software functionality creates restrictions for flexibility, but I have worked with many different software platforms that do this well.

@Chris Fox - I hadn't condsidered the security issues in the manner you describe to be honest but now you mention it, it is inconceivable what might happen if an employee goes 'rogue'.

We need to be able to restrict the users who can make changes to the branding themes (invoice templates). If users are not authorised to update supplier bank details, then they should not be authorised to add/edit bank details on the .docx templates either. This represents an unacceptable risk, as incorrect bank details could be added, leading to customer payments being diverted.

Furthermore, there is no audit trail of changes to the templates, so a user could temporarily change them and then reinstate the originals without leaving any trace.

Variable user restrictions on bank accounts is vital to privacy within our business.

I need the ability to limit the bank accounts which are visible to users. Some staff only need access to our trust account transactions, others doing accounts receivable only need access to our deposit account. Currently it appears to be all or nothing and I don't need every employee I have knowing all of my business.

Please enable ability to restrict the Invoice Only-->Sales role from being able to approve and send invoices. This should be a simple tick box like ability to lodge BAS. I need staff to be able to access any invoice created (not just their own) but the only option then is to enable full access to approve and send invoices which can be a disaster. The placement of the 'save and close' and 'approve and send' buttons do not help this situation.

We need to block invoice only users from creating contacts, I do not have the time to keep housekeeping hundreds of contacts that lower level staff are creating, I have no control over this.

Hello I would like my assistant to access vendor reports and customer reports but not the balance sheet or other reports as this has cause our company problems where they can see what other people get paid
Xero needs to be more flexible with permissions, this needs to be actioned fast as my assistant can not do half of her job and would look at moving away from Xero for all of our companies.

I would like to see more options in user access.

Payroll not just Admin or not. Example need admin access but not all the emails like timesheet approvals.

If you have multiple users doing similar work but not all you should be able to give partial access (not just in Payroll)

Hi everyone,

I understand that many of you are facing challenges with Xero's current permissions settings, especially when it comes to restricting access to specific bank accounts or transactions. While Xero may not have an immediate solution for these issues, I wanted to let you know that Control-C might be able to help.

As an add-on partner for almost 10 years, Control-C has developed a platform that can surface the required access to view-only data that your team members need to do their job. This ensures that sensitive information, such as staff wages and bonuses, remains confidential while allowing your colleagues to perform their roles effectively.

Having worked at Xero, I appreciate the complexities involved in retrofitting features into an established system. It's a challenging task, and I understand why some features might not be available yet. Our goal at Control-C is to provide you with the tools you need to manage your financial data securely and efficiently, complementing Xero's capabilities.

If you're interested in learning more about how we can help, please feel free to reach out to us through the Xero app store or the Control-C website.

Best regards,
Campbell Green
control-c.com

@Luke Abbott - 368 days since last update

My new companies are setup in Quickbooks Online because of this issue. QBO has much better roles defined. GAAP is not possible with the current roles that Xero has, putting customers at risk.

@Kelly Munro, isn't it about time for an annual update? We're eleven years into this version of an idea for customisable user roles, and a week away from there being a full year of radio silence.

Xero just need to get a grip on some of these basic software functions.

I am in exactly the same situation as Stuart Mohamed! Reconciling customer payments (deposit summaries) is causing a huge problem, as the owner of the business I should not have to perform this task myself but am left with no choice as the permissions do not allow for any other way.

Just wanted to add my thoughts on here to the many that have taken the time already to provide feedback.

The level of flexibility in this area is seriously behind

i) customer expectations/requirements and
ii) Xero's competitors

In my example, I have a colleague who reconciles customer and supplier payments. This is a key area of her role, which she carries out to a high standard. However, with permissions settings as they currently stand, she also has access to other bank payments such as staff wages/bonuses/petty cash claims etc which are private and confidential.

My only option as it stands is to reduce her user rights, but by doing this I would be removing access to the very things she needs to do her role. It's an impossible situation.

In my opinion, Xero would do very well to allocate resources looking at it's competition to understand how they can roll out greater depth to the user rights/access options like for example Quickbooks.

please have specific permissions for users, i.e., they can draft the bills, POs, but cannot self approve it. it's very hard to detect... thank you!

How can we add 'permission feature' to specific users especially at Standard level (junior account staff) who would not have ability to delete/void repeating invoices or single invoices or any transactions related in our accounting system without prior authorisation/approval from their supervisors.
Would there be an app that can connect to our Xero subscription and provide notification at the back end perhaps. We can not keep reconciling manually at repeating invoices level if we are looking after a significant amount of invoices

Is there an update on this facility?

PLEASE create greater options with user access! I'm actually quite shocked that this is not already a function!

The fact that I may have an employee doing my books who can see my entire business and all of my bank account balances or basically nothing at all is quite ridiculous. This is NOT supportive of small - med sized businesses in my opinion. Especially in small towns!

It should be completely customizable down to which bank accounts can be seen and which reports can and cannot be run.

despite the simplicity of this I have little to no hope of this being done however if it has not been already.
We will be considering swapping to another platform that will support this functionality asap.

To limit a user access to manage (create and update) the tracking categories in the Xero, but cannot have the visibility on the bank accounts details.

Current system behaviour:
I tested to give invoices only access. but the user reported that cannot access tracking categories.

And if provide standard access, by default accounts will be visible.