Growing businesses require growing teams. As your business grows, you find yourselves with a team of people spread across vastly different departments, roles, and locations. How do you strike the perfect balance between your store’s privacy and productivity? And between control and accountability? That’s where Shopify’s staff permissions come in.
Keep reading to learn how to use staff permissions to efficiently manage your team and control what they can and cannot do in Shopify.
Table of contents:
What are staff permissions?
Staff permissions give you the ability to control what your staff members can see, do, or change in your Shopify store. They determine the level of access each staff member has to your store—whether it’s viewing and editing product prices or managing inventory. The right permissions ensure that everyone has access to all the information they need to get their job done and none that they don’t.Explore staff permissions in Shopify admin
How do staff permissions help you manage your store?
Staff permissions help you maintain control and security over your store. The right permission helps to prevent unauthorized access to sensitive customer and store data, and also ensures tasks are completed efficiently and effectively.
Provide just the right permissions to each team member
Previously, the all-or-nothing permission meant you might have to either over-provision or under-provision access. With granular staff permissions, it’s possible to make nuanced decisions about who can access what information and what they can do with it. This is especially helpful where permissions are unnecessary to a role, like customer service, where viewing product information is important, but the ability to edit information isn’t. Or like fulfillment staff that need to be able to update inventory, but not to change or edit a product’s cost or price.
Improved efficiency and scalability
By giving staff members access to the features and information they need to do their jobs, staff permissions help to ensure that tasks are completed efficiently and effectively. Granular permissions also allow you to easily scale as your team evolves and delegate with confidence.
Meet internal control requirements in compliance programs such as SOC and SOX
SOC and SOX are compliance standards that require organizations to have appropriate controls in place to protect the confidentiality, integrity, and availability of sensitive data. By using granular permissions, merchants can limit access to sensitive data to only those staff members who need it to perform their job functions. This helps to ensure that sensitive data is not accidentally modified or deleted.
To make managing your business and team easier, we’ve added 10 new granular staff permissions that help you delegate more product related tasks with confidence.
10 new granular permissions and how to use them
Introducing 10 new granular permissions for products, including view-only permissions, so you can have better control over staff access across products and delegate with confidence. Here’s a breakdown of what these new permissions are and what they do:
- View products: Allows staff access to view product details without viewing the cost. The ability to view costs can be granted separately if necessary.
- View cost: Allows staff access to view the cost of a product.
- Create and edit products: Allows staff to create, edit, import, publish, and archive products and collections.
- Edit cost: Allows staff to edit the cost of a product.
- Edit price: Allows staff to edit the price of a product.
- Manage inventory: Allows staff to create, transfer, track, import, export, and adjust inventory.
- Delete products and collections: Allows staff to delete products, collections, and variants.
- View catalogs (price lists): Allows staff to view price lists.
- Create and edit catalogs: Allows staff to view, create, edit, archive, and import price lists.
- Delete catalogs: Allows staff to delete price lists.
Last year, we also launched the Order Refund permission, which lets you grant your staff order permissions without giving the access to refund money on orders.
In addition to new granular permissions, here are a few more improvements for Plus merchants to manage their growing teams:
Duplicate user role in Plus admin
Plus merchants can now duplicate existing roles and assign it to a user easily in Shopify organization admin. Instead of having to create a new role from scratch, use an existing role as the baseline for the new one. Just visit your admin, select the role you want to duplicate from the Role list, and name the newly duplicated role.
Role provisioning through SCIM
Plus merchants can now provision users along with roles directly from their identity providers (IdPs) without having to go through a two-step process. Learn more about it in the Help Center.
Audit Events Webhook
The audit events webbook lets you easily access Admin API activity logs on your store, so you can understand the history of all actions that impact your store, whether they're from the store admin or public, private, or custom apps. Send them to GCP or AWS, and then route the data to your provider of choice. Check out the webbook today.
Tips for using Shopify's staff permissions
Set up your customer support team for success
Customer support plays an important role in your customers’ interactions with your brand. You want to enable your customer support team to be as helpful as possible. One of the most common use cases for granular permissions is to grant customer support teams with view-only access to products. Without the ability to edit products or their prices, your team can provide excellent service to your customers without accidentally making changes on live products that might negatively affect your store.
For Plus merchants, you can now create even more customized roles
Paired with granular permissions, you can now create customized roles for your team. Every time a new member joins, you can assign a role to automatically grant pre-defined permissions. For example, a Merchandiser role can have Create and Edit products permission while an Inventory Manager to have only permissions around inventory and fulfillment.
Staff roles and permissions also help you control what retail store staff can do in Shopify POS. Create roles and permissions so your front of house, back of house, and management team can do their jobs more effectively.
More granular staff permissions are coming soon
Granular permissions are an extremely effective way that we as a platform can help alleviate some of the biggest barriers to scaling your business. In addition to granular permissions for Products, we’re also working on dozens more; for Orders and Draft Orders, Customers, Settings, and others. We’ll be launching these permissions alongside other platform improvements and efficiencies throughout 2023.
The all-in-one place to scale any business and team
With Shopify, you can operate your business however you want to, efficiently and securely. We’re dedicated to constantly adding and improving features and functionality that make Shopify the most powerful and flexible platform to scale and business you can think of to any size you can imagine.Explore staff permissions in Shopify admin