User roles and permissions
Manage users and define access permissions based on their role.
This page documents creating and editing users, as well as assigning roles and permissions to users.
Controls ensure that each user has access to the necessary functionalities according to their role, maintaining security and order.
If your store is part of a network of multiple stores within the same group or Network, it is possible to grant a user access to one or more stores within the same network.
Managing roles and users allows you to:
- Create roles to group common permissions.
- Configure users with a predefined role or custom permissions.
- Assign permissions at the merchant and environment (SBX/PROD) level.
- Invite and manage users with access based on their role or specific needs.
- Define general roles and assign them to multiple users.
- If someone requires special privileges, create privileges with custom permissions.
Assigning users to multiple stores allows for centralized management of a network.
To ensure secure transactions and traceability, each user must have their own account. Sharing accounts among multiple users puts the integrity of information at risk and makes it difficult to track activities.
Roles
A role is a predefined set of permissions that groups the actions a user can perform in the Admin.
Create a role with a new name and assign the role to multiple users.
Role capabilities
The following table classifies the capabilities of each role;
| Ability | Description |
|---|---|
| Type of trade | - Individual business: permits valid only for that business. - Business network: Encompasses several businesses under a single/global network. |
| Environment | Sandbox (SBX) and/or Production (PROD). |
| Permissions | Read-only or edit access to specific sections and resources. |
Permits are assigned per selected store. IF a store is part of a network, then you can grant access to:
- Multiple stores.
- All stores.
- Only one store.
If access to the SBX environment is given, the user will have access to View and Edit all sections of the Admin in the test environment.
List of assignable permissions
Each role can include one or more of the following permissions per section:
| Section | Permission | Access detail |
|---|---|---|
| Orders | See Orders section | User can see the Orders section, can use filters and order search, can use pagination and rows per page, can see the details of an order |
| Orders | Generate reports | User can see Export button in Orders section, can create adhoc reports |
| Orders | Execute refund, capture and cancellation | User can see actionable button in Order Detail, can execute Refund, Capture and Cancellation of orders |
| Metrics | See Metrics section | User can see Metrics section, can select Tabs, can use filters |
| Metrics | View reconciliation metrics | The user can view the Reconciliations tab within the Metrics section. Filters are available. |
| Reports | See Reports section | User can see Reports section, can see Downloads tab and Scheduled Reports, can see created files and created reports with configuration details |
| Reports | Download reports | User can download files from Downloads Tab |
| Reports | Schedule recurring reports | User can schedule reports with recurrence |
| Connections | See Connections section | User can see Connections section, can select Catalog, Active, Disabled and Pending tab, can see details of a configured connection, can use filters |
| Connections | Create, edit, or disable connections | User can connect, edit or disable Connections |
| Error management | See Error Handling section | User can see Error Management section, can use filters |
| Error management | Change PSP error actions User can change the actionable errors, can filter, can edit in | User can change the actionable errors, can filter, can edit in bulk |
| Payment strategies | See Payment Strategies section | User can see strategies, can see details of the strategies |
| Payment strategies | Create, edit, and disable payment strategies | User can create, edit, disable payment strategies |
| Batch processing | See Batch Processing section | User can view Batch Processing section, can see batch details, can download templates |
| Batch processing | Upload batches of bulk operations | User can upload file to execute refund, capture and mass cancellation |
| Payment link | See Payment Links section | User can see payment links section, can see details of a payment link, can use filters, can use pagination and row per page of the payment links table |
| Payment link | Create or edit payment links | User can create or edit Payment Links conditions |
| Installment campaigns | See the Installments Campaigns section | User can view the installment campaigns section, can use tabs to filter installment campaigns by status |
| Installment campaigns | Create, edit, and/or disable installments campaigns | User can create, edit and/or disable installments campaigns |
| Trade | See Trade section | User can view the installment campaigns section, can use tabs to filter installment campaigns by status |
| Trade | View payment settings | User can see Commerce section, public key, private key, merchant id and can use quick copy |
| Trade | Edit Fraud Settings | User has access to Payment Settings Tab |
| Trade | Enable multiple partial captures | User can enable or disable fraud settings |
| Trade | View receipt settings | User has access to Payment Settings Tab, can enable or disable MPC |
| Trade | Activate automatic receipt sending | User can enable voucher sending on processed and refunded orders. |
| Roles and permissions | See Users, Roles and Permissions section | Users can see the User Management section, can see the Roles and Users tab, can see the details of a user, can see the details of a role |
| Roles and permissions | Create roles | Users can create roles |
| Roles and permissions | Edit role | Users can edit roles |
| Roles and permissions | Delete role | Users can delete roles |
| Roles and permissions | Create users | Users can create users |
| Roles and permissions | Edit users | Users can create users |
| Roles and permissions | Disable users | Users can disable users |
| Roles and permissions | Enable users | Users can enable users |
| Checkout builder | See Checkout builder section | Users can see Checkout builder section |
| Checkout builder | Edit checkout builder | Users can enable or disable payment methods and can change checkout graphic styles. |
Users
A user is the individual account that accesses the Admin.
Each user is assigned a role or receives custom permissions that define:
- The sections you can see.
- The actions you can perform.
- What environments can you access?
List of assignable capacities
Each user can have one or more of the following capabilities per section:
| Capacity | Description |
|---|---|
| Role assignments | Inherits all permissions from the defined role (for example, “Analyst”, “Operations”). |
| Custom permissions | If you don't have a standard role, you can manually mark each permit by section and trade. |
| Environments | • SBX: Can view/edit sections in tests. • PROD: Can operate with real data. |
| Account status | • Pendiente: Received invitation but did not activate account. • Activo: Active access. • Deshabilitado: Cannot access until reactivation. |
| Store scope | • Individual store: Limited access to a single business. • Store network: Can access network stores if the role or access allows it. |
For more information about users, refer to Manage roles and users.
Updated 3 days ago