User Role - Allow users access to specific reports
Ability to only allow some users to access specific reports.
Purpose: Because in some organisation, only some people can only see the information for some reports.
Hi everyone, thanks for the interest in this idea.
As you can appreciate, user roles span across the entire Xero product so there’s many combinations of permissions our customers want to see us build. Specifically, our reporting product team is very much aware of the challenges with the current permission sets relating to sharing individual reports with different users and are beginning to look into how we might be able to alleviate some of these reporting challenges.
However, at this stage it’s far too early to anticipate or confirm any direction on where this discovery work will lead, but it will inform our next steps. Additionally, as I'm sure you can appreciate there are sensitivities of data access and security. Creating upgrades to user permissions will need very careful consideration. As most will be across, the reporting team are leading up to retiring older versions of Xero’s reports on 31 July 2023. Once that’s done, they look forward to pointing more attention to reporting user roles and updating this thread with their progress.
-
Stefanie Tran commented
I wish Xero can provide an option to restrict access to the financial statements because it is sensitive data.
Kinda silly that we can allow users to see all of the invoices including the outstanding ones but he/she cannot access the age debtors or see the list of creditors in a report format.Not why this was never thought in the first place!
-
Lisa von Sturmer commented
At what point will Xero ever respond? I've been using Xero for years, but not being able to have a "bookkeeper" role, or run A/R, A/P or sales reports per department is a real roadblock. This has been a wish list item for 7 years, and not one reply from them on this. Pretty disappointing. We've been a client since 2012/13, and now we're looking for alternatives just because of this issue.
-
Rujuta Paun commented
This will help current Xero Organisations and might sway others to join.
-
Deborah Blanc commented
AP Rple (Invoice+ user) needs to be able to issue remittances for batch payments, however they do not need access to the reporting functions.
Please Xero look at this as the current user roles, are not adequate
-
Maria McAdam commented
Whenever anyone asks my experience of Xero, I tell them that it's great for single business owners / single bookkeepers, but has serious shortcomings when it comes to distributed roles. Until Xero fixes the really basic requirements of different users being able to access only "their" areas of Xero, I steer people away from it. Unsure why accounting firms continue to recommend it, knowing of these serious shortcomings.
-
Peter Gray commented
Have changed over to Xero on the basis of recommendations from two accounting firms.
Totally amazed that we are unable to restrict financial management information across our staff list. This is Bookkeeping 101.
Comments from other users indicates that Xero seem to be doing nothing about this basic requirement.
This is causing a major issue for the business. Maybe we'll have to give Xero away.
-
Ellis Luijten commented
Thanks Sharon and Maria, you do wonder what program Xero uses for their business then?
-
Maria McAdam commented
I've been in touch with xero support on this - Tori kindly replied : The only action I can do here is pass on your feedback to our Product team. I've had a look at the votes and comments on Xero Product Ideas and I can see the frustration from not only yourself but other users of Xero.
Of course the difficulty is that Xero is ideal for small business owners but unable to cope with workforce segmentation eg with A/R / A/P roles requiring access only to aspects of Xero specific to their areas (eg reporting, not bank recons).
-
Sharon Bramley commented
HI Everyone, I posted this 7 years ago, and there was little followup from other users. Xero looks at these, and takes the ideas that have the most votes to see if something can be done, so the more votes we get, the better.
I think as businesses are growing, it has become a problem with internal security that Xero hadn't even thought about, so every time some one votes or messages on here, I get notified, and I am sending it to my account manager.
Just to make sure they are aware of it - trying to be as 'in their face' as possible. -
Lorraine Adams commented
You'd like to think so, but seemingly not.
We just get to air our needs and views with each other in some kind of cathartic therapy session.
-
Stephen Flower commented
Is the idea of this Forum that we get some feedback from Xero on this?
-
Lorraine Adams commented
Would it not be possible to set up mini / duplicate modules for each function eg. purchase ledger, with an appropriate selection of billing, aged creditors, day book reports etc? Surely this approach wouldn't interfere with the existing structure and it's clear inability to adapt. (Granted, I'm not a programmer on any level).
-
Lorraine Adams commented
Xero said years ago in the original forum, that this would not change 'in the forseable future', that it was a massive thing to do, as below...
....I understand the platform is set is stone, and the current structure of the reporting module is so far embedded that it would require a major overhaul to allow pick 'n' mix type access....
-
Ellis Luijten commented
Good point Stephen, how? And when? Very frustrating as we don’t know if Xero are planning to address this or not.
-
Kavindra Hewapathirana commented
Why cant Xero Blue set up the permissions the same way and XPM
-
Elis Hoxha commented
It is imperative this gets implemented as soon as possible.
I have just completed a large conversions from QuickBooks to Xero and was embarrassed to find out notify the client that there where not able to limit particular staff to PL, BS & Payroll Data.Access needs to be split between the different categories Financial performance, Financial statements, Payroll etc.
-
Lorraine Adams commented
"Purpose: Because in some organisation, only some people can only see the information for some reports."
Who wrote the above exactly?....My version, and more to the point would be .......
Purpose: Most accounting (& personal) information is confidential, and shouldn't be seen by all staff, at all levels, irrespective of their job rolls. Data protection even says data should only be available on a 'need to see' basis.
It's unfathomable that this access to 'all reports or no reports' concept made it off the cutting room floor in the first place. But I understand the platform is set is stone, and the current structure of the reporting module is so far embedded that it would require a major overhaul to allow pick 'n' mix type access.
Would it not be possible to set up mini / duplicate modules for each function eg. purchase ledger, with an appropriate selection of billing, aged creditors, day book reports etc? Surely this approach wouldn't interfere with the existing structure and it's clear inability to adapt. (Granted, I'm not a programmer on any level).
Our staff could then get on with their jobs, whilst managers & business owners get on with theirs, and the company would remain compliant with data protection laws.......Isn't it obvious?..
Xero has increased subscriptions considerably twice in the last two years, but with no genuinely useful improvements to the basic accounting functionality. But a lot more add-ons via partners that do all the legwork and all too often oversell lacking products in order to fund building something that might one day in the future actually deliver, if they make it in the overcrowded market place at all.
Ah yes - the effort of improving report access wouldn't directly generate any further income would it? But...I think Xero would get more clients. I am compelled to warn clients about this short falling in the software and at least half of them choose other software, with only 'one man band' type clients proceeding as they don't have other people accessing the software anyway. They eventually move away from it when they start employing staff / admin support etc. Shooting yourself in the foot Xero..
I will jump for joy if Xero resolves this issue properly. But I'm not holding my breath....
-
Lorraine Adams commented
Strangely, only management, directors, accountants etc should have access to payroll figures, personal staff & client info, sensitive transactions, directors loan account's, profit figs etc, but as access to an aged creditors report means access to ALL reports - there's no privacy afforded to anyone in this business. All staff see everything or have to be frozen out of the reporting module & ask management, who have nothing else to do anyway (?!) for simple sales & purchase reports etc.
UNBELIEVABLE that that Xero was ever set up like this.
Do staff at Xero see the payroll figures & the director's remuneration, company profits etc on a day to day basis I wonder?...
-
Stephen Flower commented
Ellis - How?
-
Ellis Luijten commented
You can do it!