Permissions - Give Invoice Only users access to Send/Print for approved invoices
Invoice Only User SHOULD have access to "send and print" feature once the Purchase Order were approved. To address this concern, a user should have an access level of Invoice Only + Purchases, however, changing the permission to this level, the inputs made by other users, which might be confidential and unnecessarily to be seen by others, are compromised. I would like to request to add this feature (send and print) for the Invoice Only users.

We appreciate you taking the time to share and support this idea. We can see that this idea is already gaining traction amongst the community. Giving Invoice Only users the ability to send or print approved invoices has the potential to simplify your workflow and make day-to-day tasks more efficient.
Enabling this functionality would allow the same users who create and approve invoices to also send or print them, reducing handovers and helping your business operate more smoothly. It’s a great example of how a small change can lead to better team autonomy.
Currently, this action is available to users with Standard, Advisor, or Invoice Only – Approve & Pay roles. Expanding this to other Invoice Only roles, such as Draft, Sales, or Purchases could make Xero even more flexible for teams with clearly defined responsibilities.
We’ve moved this idea into the Gaining Support stage. It’s now open for voting and comments, and we’ll be keeping a close eye on interest from the community. Your feedback helps guide how we prioritise future improvements.
-
Clare Ward commented
This would save us a lot of time and improve efficiency within our small finance team
-
Campbell Green commented
Granular Access Control – Secure, Zero Trust Permissions
Control-C’s new security model introduces a level of granularity never seen before in managing access to your Xero financial data. Traditionally, giving an employee access to run an Aged Payables or Aged Receivables report meant exposing your entire financial landscape – including sensitive areas like your Profit & Loss, balance sheet, bank transactions, and even other employees’ bonus information. Xero’s native user roles are fairly broad (e.g. standard user or advisor roles grant wide access). Not anymore.With Control-C’s Zero Trust-based security framework, you can now restrict access to just the specific data or reports your team members need – and nothing more. Want a staff member to run only the Aged Receivables report? You can grant that exact permission, without also giving away the rest of your accounting info. No more over-exposure or “all-or-nothing” access. For example, an accounts clerk can be set up to view and export customer invoices and aging reports, but cannot see the general ledger or payroll details. A junior bookkeeper could be limited to inputting bills and viewing the payables report, without any visibility of bank balances or management reports. You define roles at a fine-grained level – a stark contrast to Xero, where even a read-only user can see almost everything.
This precision access control is built from the ground up, aligning with modern Zero Trust security principles that assume no implicit trust – every access is explicitly granted and minimal. For accountants and compliance officers, this means better internal controls and cleaner audit trails. You can demonstrate that even within your organisation, sensitive financial data is only accessible on a strict need-to-know basis. For instance, an auditor or external accountant could be given a special “Auditor” role on Control-C: read-only access to relevant reports and the audit log, but nothing else. Meanwhile, your sales manager might have access to customer contact list backups (for business continuity) but not to any financials. These tailored permissions greatly reduce the risk of internal data leaks or unnecessary snooping.
For business owners, the benefit is peace of mind and professionalism. You no longer have to say, “I’ll give my assistant access to Xero, but I hope they don’t poke around the salaries or bank accounts.” Instead, you define their role on Control-C to exactly what they require (perhaps invoice creation and nothing else). It shows a commitment to confidentiality: employees see only what’s relevant to their job, which also reduces temptation and errors. And because the platform logs every access and download, you have a full audit trail of who viewed or exported data.
This Zero Trust security model is a unique selling point of Control-C’s platform. It effectively adds a new permission layer on top of Xero’s data, one that many businesses have long wished Xero itself had. By deploying it, you protect sensitive information by default while still empowering your team with the tools they need. The result is a more secure, compliant operation, where data access is precisely aligned with role and purpose – no more, no less.
If you would like to learn more visit Control-C.com or find us in the Xero App Store.