119 results found
-
Permissions | Ability for Manage users to assign Payroll Admin
If a staff member has Manager User access to a client file this doesn’t allow them to add users to a file with Payroll Admin unless they have Payroll Admin permissions.
It would be good if people are allowed to MANAGE the access without necessarily having themselves.
Can this idea please get implemented as it will avoid adding administrators with Payroll Admin permissions to our large client list when it isn’t required.40 votes -
User roles | Permission - Give cashbook client access to chart of Accounts
When giving a client access to their Xero file for the client to be able to add codes to the chart you need to give the client advisor access - Maybe the access to the chart of accounts should be added to the cashbook client as a tick box option (like manage users is in the adviser access)
3 votes -
Invoice Only Access - View Contact History
Users with the Invoice Only (Approve and Pay) role should be able to view historic invoices/credite notes/bills for a customer or supplier within their contact page.
5 votes -
User Role: Ability for standard users to have access to Uncoded Statement Lines
I would like to recommend that standard access users be able to access a very handy "uncoded statement transaction report" that at this point is only available to the advisers role (usually accountants). I am told for advisers it appears on the front page of bank reconciliation. If it wasn't for chatting to an accountant one day about typing out lists to my clients I wouldn't know about it. I guess you don't know what you don't know. This is an extremely helpful tool when trying to send lists to bookkeeping clients / business partners or employee's when you are…
23 votes -
Expenses - Multiple levels of approval
We need to upload an Approval Matrix/Approval hierarchy with a scope depending on "Location" and "Total amount" with 2 levels of approvers for "Expense claims" (EC) & "Purchase Orders" (PO).
With that, we are looking for automation on sending the EC & PO automatically by the system to the correspondent Approver depending on the scope through email.81 votesHi team, we appreciate wanting more flexibility in expense permissions and that for some businesses a multi-level approval process is necessary.
Though we are continuing to develop Xero expenses to encompass more tools and features our customers are after, we want to be upfront that we don’t have any plans to change expense permissions on our current roadmap.
We will continue to assess your feedback and consider ideas like this as our plans evolve. If there is any change we will share an update.
-
User Roles & Permissions - Ability to suspend users
It should be possible to suspend users without deleting them. This should cut off all accesses but should preserve the account /username itself. This is a basic functionality of user access control which is surprisingly absent from Xero. This preserves the user ID incase someone suddenly leaves the company or is suspended from duties for whichever reason.
27 votes -
Multi-Factor Authentication: Support for third party push notifications
With the recent changes to MFA dropping the remember devices from 30 days to 24 hours, the MFA prompt is now far more often (which is of course more secure) however it does slow down login.
Could you please look at updating the MFA configuration to allow push notifications to the mobile authentication app, or better still the number match, which is far more secure. Examples from Microsoft is below, but the priciple would apply in most major platforms.
https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-mfa-number-match
This would improve the user experiance over the token, but also improve the security overall.
Thanks
Dave31 votesHi 👋 your idea is being looked into by our Community team. We will be in touch soon to update you once your idea has been reviewed.
-
User Role | Invoice Only Users: Ability to remove and amend invoice amounts
Hi Xero.
Currently, User's with Invoice Only Access can only approve invoices and bills. However they are unable to remove a payment (or part thereof) from an invoice.
This is a problem if the User accepts a payment, then realises that there is an error on the invoice, as they are then unable to remove the amount and fix the invoice.
It would be great if these User's could have this ability without having access to the business bank accounts7 votes -
User Role: Restrict access to Projects
Only allow people with limited access to Projects to see their own hours/project, not the total hours billed to any project. The total hours are really none of their business.
9 votes -
User Role: Ability to only create drafts + view reports
Can we have one more category of user role in Xero (A user role with Ability for only to create all possible drafts + View reports)?
This kind of user role can help to minimise recording errors when any transaction (Quotation, Invoice, Bill, expenses, transfer, receive and spend money) can have two steps approval. It can provide more verification flexibility /security for the business which managed by more than one person as well.
View reports can help the initiator to check the effect of the transaction after approval.
We are looking for your kind consideration.
Thank you
6 votes -
Permissions - User Roles to Submit and Approve Quotes and Purchase Orders
It is really basic, the permission control is not flexible and give more options. How about to give multiple choosing box for permissions. I want to create a user and give him permission to create and print quotations and a purchase order permission to create and submit for approval. Because the purchase approval permission i want to give to the manager levels only.
114 votesHi everyone, thanks for sharing your feedback on this idea. We appreciate you explaining how important more flexible user permissions are for your businesses. We understand having granular control over who can create, submit, and approve quotes and purchase orders could help many of you implement better internal controls and protect sensitive financial information.
This idea is now moving to In Discovery, which means our product team are reviewing the viability of the idea as part of wider development of the permissions/user role functionality in Xero. We'll keep you updated here as we learn more.
-
User Permissions | Projects - Read only access to Bills & Invoices of a project
We have assigned users to specific projects but in order for them to see the invoices and bills against this project the settings must be changed so that they can access all bills, invoices and contacts to amend.
I would like a feature so that someone assigned to the project can have read only access to the invoices and bills ONLY associated with this project. Allowing them to still run reports and view profitability on their project but they cannot amend invoices and bills or cannot access others that are not their projects.
18 votes -
User Roles: Restrict access to manual journals
It would be useful if it were possible to restrict the posting of journal entries to specific users.
25 votesHi Margaret, thanks for raising your idea here.
Just want to add that it's only possible for adviser or standard + reports roles to view, edit or post Manual Journals.
Does that change your idea here at all?
-
Xero Accounting app | iOS - Give IO + draft users ability to create purchase orders
Please provide invoice only + draft users with the ability to create purchase orders from the mobile app
5 votesThanks for raising this, Amy.
I've done some testing to check around this and can confirm - While not currently available for iOS devices when using the Xero Accounting app, this is possible on and Android device with the mobile app, or when using Xero on a desktop.
There are some complexities adding to iOS and with a very little usage from IO users there are no plans at present to develop this there. However, it'd be good to get a better sense of the interest, and we'll start to track this through the idea, here. 🙂
-
MFA: Remember 'Trust this device' setting after 24 hours
I understand the ATO requires you to enter 2FA daily, but that doesn't mean the tickbox should uncheck itself every day.
If I tick trust this device on Monday and login using 2FA, I can then login without 2FA for 24 hours.
After that 24 hours, I need to login using 2FA again AND I have to tick the trust this device box again to get another 24 hour reprieve.
Let us tick the box or another box that will remember our choice ongoing. So each day I only have to login using 2FA again but my choice to trust…
11 votesHi 👋 your idea is being looked into by our Community team. We will be in touch soon to update you once your idea has been reviewed.
-
MFA | Remove requirement to use
Get rid of this stupid MFA on EVERY sign in.
It used to be monthly which was bad enough, now it is a constant pain having to use an authentication device just to get access to Xero. MFA is a complete waste of user time. My bank doesn't use it and I trust them not to lose my money, so why does accounting software need it?
If the ATO insists on it with their stupid STP, then link it to STP and nothing else.13 votesHi everyone, we appreciate your feedback about multi-factor authentication, and this has been shared with our teams internally. Security and protecting your data is highly important to us and we want to be upfront that we don't have any plans for removing the requirements for logging into Xero with multi-factor authentication.
That said, we're continuing to improve the experience and offering more ways to verify your identity when logging into Xero.
-
User Role: More options for access rights
More granular level for user access rights
I have seen lots of ideas around this same topic but worded slightly differently.
Essentially, the access rights are far too high level causing users to have access to tasks and rights to delete, approve when they shouldn't
25 votesAppreciate your looking through the forums and existing ideas, Tracy.
Although it might seem quite specific it does help to have detail of the specific permission sets and what is missing in the existing roles shared for each idea, and get a sense of the users that are interested in these differing permissions.
As you can likely imagine, with the number of features and different roles & responsibilities staff may have across businesses a matrices of options for every single permissions across every feature in Xero would be quite complex and cumbersome when trying to assign what a user can or can't do in your organisation.
While we don't have direct plans for this level of incremental control, our product teams are definitely interested to consider the makeup of permissions within a given area or feature of Xero. I'd urge you and others here to add your support to…
-
Users: Remove user access without cancelling user's repeating invoices
If a staff member leaves, you would usually delete them as a user. That causes issues, however, if they have set up recurring invoices. These will be left as draft and will not be sent. It would be useful if you could keepa staff member but remove the access so that they can't log in themselves anymore, almost making them inactive?
It is not as simple as resetting their password because of the 2 step authentication.3 votes -
User Role - Reconcile without access to approve invoices
Being able to customize each user role is quite important as every person in every company does something different. Giving them access to systems they shouldn't have because the User Role they need to do their job allows them access to these other areas is a security risk in general.
Putting in Custom Roles will also allow companies to adjust the Users to their Company Policies for controls.
This is the main reason I am posting this, as we are soon bringing on a new junior accountant where I will need to give them "approval" rights for Invoicing and a…
78 votesAppreciate the idea here - Being transparent, developing granular permissions or roles for every feature and action throughout Xero is not in our plans.
Understanding more of the permission sets majority of users need, will help understand where the biggest impact could be made.
I've slightly adjusted the title to suit the needs of the role you mentioned. We'll get a sense of others that'd like this too.
-
User roles: Restrict access to Invoice Settings
For internal control reasons the 'invoice settings' section should be only accessible for certain access types. Anyone with Xero access (excl read only) can go and adjust the bank account manually entered on the invoices sent to customers.
It would be great to have this locked the same way bank account admin is for supplier payments.
35 votes
- Don't see your idea?