As our merchants grow, and as we get interest from medium-sized and large organizations, we’ve been hearing that they need to limit what various users can see and do.
For instance, we spoke with a merchant this week that has 200 employees plus some outside contractors, such as a call center.
At that size, and even in smaller organizations, managers may need to limit what people can see and do. Some common scenarios:
- Within a large organization, Finance needs access to financial data but not product editing; Sales needs access to customer info but nothing else; and Product Marketing needs access to products, coupons, and components, but nothing else.
- A company outsources sales to a call center, and they want the call center staff to see customer records but nothing else.
- A company has 4 business divisions, and each division is a Site in Chargify. Only certain employees should have access to each Site.
- For regulatory compliance reasons, certain staff members can only access your test Sites, while others can access your live Sites.
- A consulting firm has many clients, and some of those clients have Sites in the firm’s Chargify account. The consulting firm needs full access to their clients’ Sites, and they want to give Site-only access to staff members from each client.
- You have an outside firm that does consulting for you, and you want to give them narrow access to your Chargify account so they can do their work but not see or edit various things.
How Access Controls Work
The system implements 3 types of users, plus a selection of fine-grained access controls on the most common type of user.
Types of Users
Within your Chargify account, each user/employee/contractor is classified as one of the following types of users:
- Owner is the account owner (handles Chargify billing) and can see & do everything.
- Admin can create other user and admin accounts, and has full access to all Sites.
- Team Member is limited to certain Sites, can only do what his/her permissions allow, and cannot create other user accounts.
(The first 2 user types have always been available on all Chargify accounts, and they still are.)
Access Controls per Team Member
Since Owner and Admin users have full or nearly full access to everything, the real control you have is with your Team Member users.
The most basic thing you can do is allow or deny them access to whole Sites in your Chargify account:
- If you deny someone access to a Site, then they won’t even know it exists. This is perfect in situations where you have different businesses and different people for each one, or where regulations like HIPAA or PCI dictate that certain people not have any access at all.
- If you give someone view access to a Site, then they can view some parts of the Site, but their access will be limited to just viewing those things (they can’t create or edit).
If the user needs access to the Site and needs to do deeper things, here’s what you can give them:
- "Manages product catalog" adds the ability to create & edit products, taxes, and components.
- "Views and exports financial metrics" adds the ability to see Analytics, Transactions, CSV exports, and metrics on the Site dashboard.
- "Manages subscribers and customers" adds the ability to create, edit, cancel, and re-activate subscriptions and customers.
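The access decision described above can be modeled as a default-deny check. This is an added illustration, not Chargify's code or API: the action names, permission keys, Site names and users are hypothetical, and it assumes plain view access unlocks only a generic Site view.

```python
from dataclasses import dataclass, field

FULL_ACCESS_ROLES = {"owner", "admin"}  # the two user types with access to all Sites

# Hypothetical action names -> add-on permission required (None: view access suffices).
REQUIRED = {
    "view_site": None,
    "edit_product": "manages_product_catalog",
    "view_transactions": "views_financial_metrics",
    "export_csv": "views_financial_metrics",
    "cancel_subscription": "manages_subscribers",
}

@dataclass
class User:
    name: str
    role: str  # "owner", "admin" or "team_member"
    # Site name -> set of add-on permissions. A Site absent from this dict is denied.
    sites: dict = field(default_factory=dict)

def can(user, action, site=None):
    """Default-deny authorization check for one action on one Site."""
    if action == "create_user":  # account-level: Team Members can never do this
        return user.role in FULL_ACCESS_ROLES
    if action not in REQUIRED:
        return False  # unknown action: deny rather than guess
    if user.role in FULL_ACCESS_ROLES:
        return True
    grants = user.sites.get(site)
    if grants is None:
        return False  # no access to this Site at all
    needed = REQUIRED[action]
    return needed is None or needed in grants

def visible_sites(user, all_sites):
    """Denied Sites are filtered out entirely, so the user never learns they exist."""
    if user.role in FULL_ACCESS_ROLES:
        return sorted(all_sites)
    return sorted(s for s in all_sites if s in user.sites)

# Constructed sample data (not real accounts or Sites).
ALL_SITES = {"acme-live", "acme-test"}
admin = User("dana", "admin")
finance = User("lee", "team_member", {"acme-live": {"views_financial_metrics"}})
tester = User("sam", "team_member", {"acme-test": set()})  # view-only on the test Site

if __name__ == "__main__":
    for u in (admin, finance, tester):
        print(u.name, visible_sites(u, ALL_SITES), can(u, "export_csv", "acme-live"))
```

Filtering the Site list server-side, rather than hiding entries in the UI, is what keeps a denied Site undiscoverable.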
This implementation of User Access Controls will help a lot of medium-sized and large organizations. For more information on adding team members and setting their access, check out our User Access Controls Documentation.