User Role - Restrict access to specific Settings
Ability to customise user roles to restrict some access in Xero.
Purpose: Some staff should only have limited access in Xero.
Hi everyone, we appreciate all your feedback on how we could evolve roles for customers using Xero. As you can see through the ideas on the platform, there are a wide range of combinations of permissions our customers want to see us build. As user roles impact all areas of the product, there are many considerations we must factor in when assessing how to solve for majority of our customers needs.
We’re beginning to conduct research on the current landscape and how we might approach some of the most predominant needs in roles for our customers. Front footing this, the discovery of this work will be long winded and there will be multiple phases of research and forms of engagement with users that’ll help shape the path ahead in this space.
We’d like to invite you, our community to be part of this research and discovery. This may involve interviews and sharing further feedback through direct surveys or questionnaires.
✍️ If this is something you’d be interested in taking a part of please fill in our short form here.
Though we won’t be able to invite everyone into every stage, our research team will be in touch with many of you over the coming months.
We will be back to share on the outcomes of our research and any progress around development of roles in Xero.
-
Stuart Mohamed commented
The option to exclude someone's ability to see the bank balance should be a given in any level of user permissions.
-
Liza James commented
Individual permissions, for employees to be able to raise quotes but not have access to view how much money the business is owed on the dashboard.
allow users access to create a project, and then create the related quote but no further accessSo to reiterate a more bespoke way of assigning individual permissions is needed .thanks
-
Alison Nixon commented
The filter box on the quotes need to have a filter for "departments" as someone with basic access cannot get access to the all quotes summary report so it needs to be filtered not just on dates.
-
Lori Notman commented
There should be many options within each section of permissions available to each individual user. It is far to broad.
-
Tania McGregor commented
We have a number of users who only have access to invoice and receive payments, however, when receipting a payment in the 'Paid To' field they get all options available including bank accounts, liabilities etc
Is there a way to restrict or filter the 'Paid To' options for Users based on their User Access.
As an example I would like the options for these Users to be EFTPOS, AMEX and CASH only. -
Alice Senior commented
We would like to see a feature to restrict invoice and bill approvals, so the user only has the option to submit for approval.
Not having this feature is a major financial security issue because bills and invoices can skip the approval process if the person creating them has the option to approve them. -
Esther Santos commented
This is a message directly from my client....We were able to access reports in Sage and there is an expectation to do the same thing in Xero.
Are we the only ones who ask for this reporting functionality without having to see bank account?
Is it unreasonable to request this functionality from Xero, in the immediate future? -
Wynne Tan commented
We are reaching out to seek clarification and assistance regarding the governance of user settings within our Xero system.
Restricting user access in Xero is essential for data security, ensuring compliance with regulations and protecting sensitive financial information. It allows organizations to align access with specific roles, minimizing risks of unauthorized exposure. This control is especially important when collaborating with external auditors, enabling them to work effectively without compromising sensitive data like bank balances. Proper access management also supports audit readiness by creating clear trails and demonstrating robust user permission controls. -
Josie Baker commented
I vote for this BIG TIME
-
Robert Darrow commented
like with most systems the idea of preset permissions is always essential but there should be an advance menu where Xero experts can modify and customise roles. For example my team are allowed to draft invoices and quotes. But this means they cannot print the quotes to look nice for Clients. And if they are granted "approval" they basicalyl get full access to my bank account which I do not want. Needs to be set inbetween for senior management who arent members of the board
-
Nisha Shariff commented
The ability to change the company settings should be restricted. Currently it is available in the advisor and standard user settings. We should be able to turn user permissions on/off for this. As I discovered yesterday anyone with an advisor or standard user role can change the company bank details on an invoice, send the invoice and then put the old bank account back in. A major security issue here!
-
Robert Critchley commented
I didn't have to scroll far to find someone else with exactly my scenario. I'd like to incorporate my payroll account but filter it so that only certain users can see the balance and reconcile it. Hope you can add this feature as it would make life so much better.
-
Emily Majski commented
I think this has already been mentioned, but we have a client that would like to hide payroll payments from certain staff members, but to have them still able to generally balance the bank. If it could be a case of choosing which banks staff had access to, this would solve the issue as they could use a separate bank account.
-
Adam Lim commented
Why Xero is fixing something that's working so well eg the current invoicing interface and come up with this new template that's is irritating me like crazy when i have to manually key in the additional email address when I want to send it to additional members of the team? Why dont you fix the user restriction issue thats irritating so many of us instead?
-
Alisdair Williams commented
Hello,
Regarding access roles. We have API imports into Xero from our management software but this can only be achieved by a high level user with advisor or standard. We have multiple staff that we do not want having access to all the data but need permission to authorize a product update, customer update or just import invoice details. This isn't achievable at present and is a lot of duplicate work.Please can this be rectified so under the standard role you can pick and chose what access you want to give to staff members to best achieve their role
-
Samantha Allan commented
Hello,
In relation to user permissions, Xero should consider implementing a more flexible system for user restrictions. Currently, we have a significant number of staff who are responsible for creating sales invoices. However, these users also require access to edit templates. Unfortunately, with Xero's current limited user permission options, the standard permissions not only allow them to edit templates but also provide access to bank accounts, which is not ideal.
It would be highly advantageous to introduce an option to remove bank account access from the standard role, allowing for more specific user restrictions without compromising essential functions like editing templates.
-
Chloe Luhrs commented
Hi Gary, Just to reply to your comment as we relate to it.
We just made the move from MYOB Account Right to Xero at the start of the new financial year and starting to think it is the biggest business mistake we have made. While we tried and tested the core product - many teething issues have popped up. We are considering moving back to MYOB because of this core issue.
-
Gary Lowe commented
Hi.
Can I ask if there has been any updates with regard to user roles within XERO.
I have been complaining about this since I moved over to XERO which in hindsight was probably the biggest mistake I've ever made in my 35 years in business.
As mentioned in other posts, if the access rights were fixed within XERO you would have an exceptional product. As it stands its sub standard and not really fit for purpose. Fine for a one man band but nothing else.Its a shame that the money spent on advertising couldn't be put to better use by fixing the problems raised by your employers which are the paying users !
-
Christopher Parkin commented
Dear Xero Support Team,
We are encountering challenges related to segregation of duties within Xero, particularly concerning user access rights and the number of journal entries passed. Our internal audit team has raised concerns about this issue. While we have implemented manual controls to mitigate risks, the current system does not adequately support segregation of duties.
We would appreciate any guidance or solutions you could provide to address this concern.
Thank you for your assistance.
-
Daniel McRae commented
I need to add an employee to do the bank reconciliations for me, without all the other access that the 'standard' user permissions gives
Its a simple add on to the 'invoice only' permissions. The system seems to restrictive as currently setup.