In this guide we are going to show you how the roles and permissions system works on Invoiced. The permissions system has been designed to give fine-grained control over who has access to your sensitive billing and financial information.
Here we are going to walk through adding and removing users from your Invoiced account. Each company on Invoiced has its own set of users that have access to the account. It's important to note that companies are separate from users. This means it is possible for a user to belong to more than 1 company.
User permissions only apply to internal users that are accessing the Invoiced dashboard. The settings chosen here do not have any effect on access to the customer portal.
You can add users in bulk by clicking on the dropdown arrow on the Add User button and clicking Bulk Add. This will allow you to invite multiple users to your account at once.
If the time comes to remove a user from your Invoiced account this can easily be done by an administrator.
If a user belongs to more than 1 company, they can easily switch between those various companies without signing out. It's important to keep in mind that no data or settings are shared between companies, even if you belong to multiple companies.
A role dictates what actions a user is allowed to take, for example, creating invoices, issuing a refund, and modifying item prices. Out of the box, Invoiced includes these roles:
Customers on the Enterprise edition of Invoiced can create their own roles that have a different set of permissions than the standard roles. This can be used to provide more granular access to the various functions of Invoiced.
In addition to restricting what actions a user can take within Invoiced, you can also restrict the customer accounts they can access. Restrictions can be set on each user account to provide additional security and accommodate more advanced access requirements. This means users with the same role could potentially have access to a different set of customers, if needed, depending on their restrictions.
We support the following types of restrictions:
The Restrict by custom field restriction allows you to use any custom field on the customer level to dictate customer access for a user. For example, you might have a custom field to represent a territory, department, or entity. With custom field restrictions you can easily grant a user access to a list of territories, departments, entities, etc.
When you use this setting you can restrict a user to a list of values for up to 3 custom fields. Users will only be able to see customers that match one of the values in the list for each custom field. If a customer does not have the specified custom field values then this restricted user would not be able to see that customer in the dashboard.
In this example a user has access to all customers that have a Territory value of North or East.