User Role - Restrict access to specific Settings
Ability to customise user roles to restrict some access in Xero.
Purpose: Some staff should only have limited access in Xero.

Hi everyone, we appreciate all your feedback on how we could evolve roles for customers using Xero. As you can see through the ideas on the platform, there are a wide range of combinations of permissions our customers want to see us build. As user roles impact all areas of the product, there are many considerations we must factor in when assessing how to solve for the majority of our customers' needs.
We’re beginning to conduct research on the current landscape and how we might approach some of the most predominant needs in roles for our customers. Front footing this, the discovery of this work will be long winded and there will be multiple phases of research and forms of engagement with users that’ll help shape the path ahead in this space.
We’d like to invite you, our community, to be part of this research and discovery. This may involve interviews and sharing further feedback through direct surveys or questionnaires.
✍️ If this is something you’d be interested in taking part in, please fill in our short form here.
Though we won’t be able to invite everyone into every stage, our research team will be in touch with many of you over the coming months.
We will be back to share on the outcomes of our research and any progress around development of roles in Xero.
-
Louise Jones commented
Is there any update on this? Have had a couple of clients wanting some new employees to have access to purchases, some reports re purchasing but not to have access to sales, bank etc.
Makes it very difficult. Can access not be on a selection basis when adding a user - similar to the difference between advisor / standard level and whether you tick to select VAT, projects etc. - would be an easier way, then you could have more flexibility to add users.
-
Graeme Ellisson commented
All products need to evolve and one area that is almost always neglected by non-Enterprise platforms is the Enterprise security model ESAM. To understand this one needs to have experience of Enterprise environments & security. Non-Enterprise developers and product leads will default to the view that their platform is not an Enterprise platform so this point is irrelevant. This is actually misguided as many smaller companies operate Use Cases that are in fact just like an Enterprise organisation, only on a much smaller scale. Given cloud based is just another term for hosted, hosted platforms benefit from an ESAM. There is a cost but technical architects should prioritise this as products develop.
In our case, we have deployed Xero Me which the Users believe has solved world peace - going from a paper based process to self managed for company paid expenses (albeit surrounded by a bit of confusion as to why mileage has to be included). But, unfortunately, we do regularly handle cash in a few offices which is going to be hard to prevent for a number of reasons - not to mention that legally one can't not take cash.
The problem is there is no Xero Me sales receipt equivalent functionality where offices receiving cash can register as banked or petty cash.
Notwithstanding my comments around ESAM, which I do believe is a key requirement for a number of other limitations, adding a receipt function in Xero Me should not be too difficult as it is the same process but a debit instead of a credit.
-
Theresa Waters commented
We would also appreciate an update
-
Sharon Mulcahy commented
Is there an update please on this functionality? I have a colleague who we want to attach credit card receipts, but not to have access to the bank account.
-
Paolo Coniglio commented
This is an interesting one for me. In 2018 Xero launched a whole new navigation bar that in all honesty took me ages to get used to. The available options on the drop-down menus made little logical sense, especially compared to the old navigation.
It took so long for me to remember where the various options had been moved. When we asked why this change was made, we were told it was designed to help Xero build a more robust user experience.
That was never delivered. Now Xero is changing both the Dashboard and the navigation bar AGAIN and it's almost going back to the old options (which made so much more sense).
So after shuffling the position of commands multiple times (making it so much harder for consultants to train and maintain their training resources), are we finally going to get a better user management experience?
This is another one of those feature requests that has been on the cards for years with little to no progress. With Xero's integration growing more and more making it suitable for larger businesses, a better user management experience is becoming a must to preserve access to Financial Information.
I have so many clients that have lower level clerks going through the bank feeds to fetch documents but they don't want these clerks to see for example the bank account balance or they want to be able to pick and choose which bank accounts these employees should interact with. That seems perfectly logical to me.
-
Libby Gaynor commented
We should be able to choose if a user that has invoices and purchase access also has access to the Items reports, sales reports and purchases reports. It is useless having such an extreme difference between standard and basic access. Business owners do not want everyone seeing their bank account balance and their Profit and loss and balance sheet.
-
Leanne Fromont commented
I think Xero's approach should be, "Where can we make access available now?" It should also be a table of selectable access that gives the owners the decision on what access they need for their staff, rather than creating pre-defined roles.
I understand that software functionality creates restrictions for flexibility, but I have worked with many different software platforms that do this well.
-
Stuart Mohamed commented
@Chris Fox - I hadn't considered the security issues in the manner you describe to be honest but now you mention it, it is inconceivable what might happen if an employee goes 'rogue'.
-
Chris Fox commented
We need to be able to restrict the users who can make changes to the branding themes (invoice templates). If users are not authorised to update supplier bank details, then they should not be authorised to add/edit bank details on the .docx templates either. This represents an unacceptable risk, as incorrect bank details could be added, leading to customer payments being diverted.
Furthermore, there is no audit trail of changes to the templates, so a user could temporarily change them and then reinstate the originals without leaving any trace.
-
Michelle Bertucci commented
Variable user restrictions on bank accounts is vital to privacy within our business.
-
Anthony Jelich commented
I need the ability to limit the bank accounts which are visible to users. Some staff only need access to our trust account transactions, others doing accounts receivable only need access to our deposit account. Currently it appears to be all or nothing and I don't need every employee I have knowing all of my business.
-
Helen Shadbolt commented
Please enable the ability to restrict the Invoice Only-->Sales role from being able to approve and send invoices. This should be a simple tick box like the ability to lodge BAS. I need staff to be able to access any invoice created (not just their own) but the only option then is to enable full access to approve and send invoices which can be a disaster. The placement of the 'save and close' and 'approve and send' buttons does not help this situation.
-
Emma Hards commented
We need to block invoice only users from creating contacts, I do not have the time to keep housekeeping hundreds of contacts that lower level staff are creating, I have no control over this.
-
Sue Griggs commented
Hello, I would like my assistant to access vendor reports and customer reports but not the balance sheet or other reports, as this has caused our company problems where they can see what other people get paid.
Xero needs to be more flexible with permissions, this needs to be actioned fast as my assistant cannot do half of her job and would look at moving away from Xero for all of our companies.
-
Leisa Sheath commented
I would like to see more options in user access.
Payroll not just Admin or not. Example need admin access but not all the emails like timesheet approvals.
If you have multiple users doing similar work but not all you should be able to give partial access (not just in Payroll)
-
Campbell Green commented
Hi everyone,
I understand that many of you are facing challenges with Xero's current permissions settings, especially when it comes to restricting access to specific bank accounts or transactions. While Xero may not have an immediate solution for these issues, I wanted to let you know that Control-C might be able to help.
As an add-on partner for almost 10 years, Control-C has developed a platform that can surface the required access to view-only data that your team members need to do their job. This ensures that sensitive information, such as staff wages and bonuses, remains confidential while allowing your colleagues to perform their roles effectively.
Having worked at Xero, I appreciate the complexities involved in retrofitting features into an established system. It's a challenging task, and I understand why some features might not be available yet. Our goal at Control-C is to provide you with the tools you need to manage your financial data securely and efficiently, complementing Xero's capabilities.
If you're interested in learning more about how we can help, please feel free to reach out to us through the Xero app store or the Control-C website.
Best regards,
Campbell Green
control-c.com
-
Stuart Mohamed commented
@Luke Abbott - 368 days since last update
-
Ritesh Kapadia commented
My new companies are set up in Quickbooks Online because of this issue. QBO has much better roles defined. GAAP is not possible with the current roles that Xero has, putting customers at risk.
-
Luke Abbott commented
@Kelly Munro, isn't it about time for an annual update? We're eleven years into this version of an idea for customisable user roles, and a week away from there being a full year of radio silence.
Xero just need to get a grip on some of these basic software functions.
-
Charlotte Woodbridge commented
I am in exactly the same situation as Stuart Mohamed! Reconciling customer payments (deposit summaries) is causing a huge problem, as the owner of the business I should not have to perform this task myself but am left with no choice as the permissions do not allow for any other way.