XPM - Invited User Admin Level client access
General overhaul of user permissions. Including: When a new user is added to the practice at the admin level, they are automatically added to all clients in the practice. For large firms this is problematic and would be better if all users were only given access to the demo account upon invitation.
Block Advisors
shared this idea
Thanks for taking the time to share your feedback.
Based on Xero Central, when you invite someone into your practice with the administrator role, they get default access to organisations where the subscription is managed by the practice. However, this access can still be managed and overridden from the staff record. If you have Manage staff access, you can update that staff member’s access to all clients in the Permissions tab, or override access for specific client records.
If you also have Manage users permission for the organisation, you can update the staff member’s access to that organisation as part of the setup.
If the subscription isn’t managed by the practice, the staff member needs to accept a Xero organisation invite from the client to access that organisation.
So while admin users do receive default access to practice-billed organisations, that access isn’t fixed. You can limit their access from the staff record, including setting client access to No access and assigning only the clients you want them to have.
If you’d like to talk through your specific setup in more detail, you can also raise a case with our Support team to discuss how these permissions can be managed in Xero Practice Manager.
