User Role - Restrict access to specific Settings
Ability to customise user roles to restrict some access in Xero.
Purpose: Some staff should only have limited access in Xero.
Hi everyone, we appreciate all your feedback on how we could evolve roles for customers using Xero. As you can see through the ideas on the platform, there are a wide range of combinations of permissions our customers want to see us build. As user roles impact all areas of the product, there are many considerations we must factor in when assessing how to solve for majority of our customers needs.
We’re beginning to conduct research on the current landscape and how we might approach some of the most predominant needs in roles for our customers. Front footing this, the discovery of this work will be long winded and there will be multiple phases of research and forms of engagement with users that’ll help shape the path ahead in this space.
We’d like to invite you, our community to be part of this research and discovery. This may involve interviews and sharing further feedback through direct surveys or questionnaires.
✍️ If this is something you’d be interested in taking a part of please fill in our short form here.
Though we won’t be able to invite everyone into every stage, our research team will be in touch with many of you over the coming months.
We will be back to share on the outcomes of our research and any progress around development of roles in Xero.
-
Chloe Luhrs commented
Hi Gary, Just to reply to your comment as we relate to it.
We just made the move from MYOB Account Right to Xero at the start of the new financial year and starting to think it is the biggest business mistake we have made. While we tried and tested the core product - many teething issues have popped up. We are considering moving back to MYOB because of this core issue.
-
Gary Lowe commented
Hi.
Can I ask if there has been any updates with regard to user roles within XERO.
I have been complaining about this since I moved over to XERO which in hindsight was probably the biggest mistake I've ever made in my 35 years in business.
As mentioned in other posts, if the access rights were fixed within XERO you would have an exceptional product. As it stands its sub standard and not really fit for purpose. Fine for a one man band but nothing else.Its a shame that the money spent on advertising couldn't be put to better use by fixing the problems raised by your employers which are the paying users !
-
Christopher Parkin commented
Dear Xero Support Team,
We are encountering challenges related to segregation of duties within Xero, particularly concerning user access rights and the number of journal entries passed. Our internal audit team has raised concerns about this issue. While we have implemented manual controls to mitigate risks, the current system does not adequately support segregation of duties.
We would appreciate any guidance or solutions you could provide to address this concern.
Thank you for your assistance.
-
Daniel McRae commented
I need to add an employee to do the bank reconciliations for me, without all the other access that the 'standard' user permissions gives
Its a simple add on to the 'invoice only' permissions. The system seems to restrictive as currently setup.
-
Lanelle Boerssen commented
Some of our clients needs staff to have access to reporting, Inventory, etc. but not the bank. If we can separate the access and viewing to the bank.
-
Mike Brett commented
I would like to see option for users given access to chosen bank accounts as opposed to default where they can see all bank feeds. This is critical. We have a separate account for payroll which I would like users not to see. Thanks
-
Alex Morgan commented
I want users to be able to manage discreet P&Ls within Xero, without seeing other people's P&L. Don't care how this is implemented, but I did make a suggestion in a separate chain that it could be done via tracking. e.g. tracking category for each, say, shop P&L. Each shop manager can only access data that is coded to his shop's tracking code.
-
Copier Service Company Ltd commented
Limiting bank account access/visability surely has to be the big one?
-
Craig Byron commented
I'm an accountant with one employee using ledgers to produce financials for a number of clients. Ledger subscriptions that restrict accees to reporting to one user only are an expensive frustration. I either need to give them my credtentials to use to prepare those financials, or I need to upgrade to a subscription that costs 3 times as much
-
Derrick Siu commented
Hello. my company has 2 business verticals that are defined by using different business sections, i need to give access to some partners who are partners of one of the verticals and so do not wish them to have access to the other vertical along with the relevant bank accounts that pertain to those verticals. this would be much appreciated. do you know when such level of permissions will be available? whats the roadmap to having such a feature added? thank you.
-
Amoré Muller commented
Our company has a creditor clerk, that needs to process bills payable. They are not supposed to see the bank accounts which is fine. But they must be able to have access to reports to recon their accounts. At the moment this is not possible and very frustrating. There must be a possibility to 'tick' or 'untick' levels of accessibility to the system? Please urgently look into your permissions settings.
-
Chevon Bauer commented
The ability to restrict certain reports for example having office team members being able to generate debtor reports for credit control without having access to view the banking details. someone below mentioned a tick box to all user to view bank is critical and I agree if we could remove the bank accounts and just allow certain reports far more users would be able to access Xero and do their jobs as normal.
-
Rob Nobel commented
Developing a simple option to allow/disallow access to sensitive parts within XERO is certainly necessary.
My concern is primarily to do with authorisation when 2 or more signatures are required, such as with Direct Payments where an ABA file is produced. Currently, one user is all that's required which could contravene policy. If the bank accepts the ABA file having been signed by one user only, also leaves the organisation open to theft by any user who has access to producing ABA files. -
T est commented
Hi Kelly.
As other mentioned, one of the most important additions must be the ability to disable bank accounts/balances etc for all user levels. Simple tick box should suffice.
Do you have a time line for how long before we start to see changes ? -
Izhar Groner commented
I need to add an employee to do the bank reconciliations for me. I don't want to give him any other authorization.
You current system is too rigid. Other software provides allow their clients to pick and choose authorizations for their added users. Can you adopt this feature too? -
Maria Lis commented
Hello, Ability to be read only profile (meaning no changes to TB activity but with ability to authorize teams POs and see reporting using the same profile.
Authorizations levels for staff (basic PO input, no other access), team leader (PO input and PO authorisation for the allocated team), Line manager(PO input and PO 2nd level of authorisation over certain value, plus access to reporting)
-
Michelle Westle commented
Ability to refine access to view, or not, bank accounts, separate to other access. Read only view also needs the ability to scale access to everything i.e auditors, to limited to specific areas.
-
Matthew James Mifsud commented
Quotes only role - this is a critical function - just the ability to issue, send quotes via email and send to invoice (to be approved) once quote is confirmed.
-
Brandy Wilde commented
Thank you Kelly, do you have any kind of timeline? I am in the process of switching to quickbooks because they already have the users so that you can customize their rolls. I have been with Xero for 4 years, and finally decided I can't keep waiting. I will fill out the survey and hopefully help with the process. I would really appreciate someone reach out to me. Maybe I don't have to switch, that would be awesome! I would need to know in the next couple days!
-
Eileen Cotton commented
I agree with everyone's comments, this is great! It's would be important to block access to certain reports. Such as allowing access to the accounts payable and receivable reports, issuing payments, and reports pertaining to those areas but blocking access to the financial reports such as Profit & Loss, Balance Sheet. Trial balance, etc. Also not allowing the user to have to certain financial data on the "Dashboard".