Adding Users In ERPNext

By allocating roles and permissions, ERPNext enables companies to safely control user access. Users are guaranteed to only access the features and information pertinent to their jobs thanks to these permissions. This enhances workflow effectiveness while safeguarding confidential company data.

Types of Users

In ERPNext, there are two main categories of users:

1. Website Users

Customers, suppliers, students, and patients are examples of external users.

  • They can only access the portal that is visible to the public.

  • Internal ERP modules like accounting and inventory are inaccessible to them.

  • Only features like viewing invoices and updating personal information are available to them.

2. System Users

These are internal employees, including managers, sales representatives, accountants, and human resources officers.

  • They can access core data and ERP modules.

  • Permissions are managed according to their designated roles.

Note: If a user is assigned an internal role (such as Purchase Manager, Sales User, etc.), they automatically become a System User.

1. How to Add a New User

Adding User

To add a new user:

  1. Go to: Home > Permissions and Users > User

  2. Select "New."

  3. Enter the user's email address, which acts as their unique ID.

  4. Enter the user's first and last name.

  5. Click "Save."

A user profile will now be created by ERPNext. You can keep changing their details and access after saving.

2. Features

Several options are available for configuring the user's access, personal information, and login behaviour after they have been saved.

2.1. Assigning Roles

Adding User

  • A list of open roles with checkboxes appears after the user profile has been saved.

  • One or more roles (such as sales user, accounts manager, or human resources user) can be assigned.

  • Every role has predetermined rights.

For instance:

  • Customers, quotes, sales orders, and other information are all accessible to a Sales User.

  • Journals, bank transactions, invoices, and more are accessible to an accounts user.

    • Role Profiles, or grouped roles, can also be assigned in bulk. For instance, HR User, Attendance User, and Leave Approver may be included in the "HR Team" profile.

2.2. User Information

Demographic and personal data can be stored in this section. Among the fields are:

  • Gender

  • Mobile number and phone number

  • Date of Birth

  • Location (Area/City)

  • Interests and a Brief Bio

  • Upload a banner image to your portal profile.

Note: If the user would rather have a quieter interface, you can also check "Mute Sounds." They might have to select Settings > Reload after turning this on in order for the changes to take effect.

2.3. Change Passwords

ERPNext provides a number of tools for safely managing passwords:

  • Create a New Password: You can create a new password for any user directly as a System Manager.

  • Notify the User of Password Change: Notifies the user via email of the change.

  • Log Out From All Devices: For safety, use this feature to log the user out of all computers and mobile devices.

2.4. Document Follow

Users have the option to follow particular documents, like orders, projects, invoices, etc. Every time the document is updated or commented on, the user receives email notifications.

2.5. Email Settings

There are numerous choices for controlling user-specific email behaviour:

  • Send Email Thread Notifications: Receive notifications for email exchanges taking place within documents such as support tickets or opportunities.

  • Send Me a Copy of Outgoing Emails: Helps users keep track of the messages they've sent.

  • Allowed in Mentions: This enables @ to be used to tag the user in notes and comments.

  • Email Signature: Configure a unique email signature that will show up in all of the user's outgoing emails from ERPNext.

2.6. Email Inbox Subscription

  • Users can sign up for company mailing lists such as Jobs, Sales, and Support.

  • Just choose the mailing list and add a new row. This facilitates the organisation of internal communication.

2.7. Allow Module Access

Adding User

Module access is automatically granted by ERPNext according to roles that have been assigned. But you can hone it even more:

  • Navigate to the "Allow Module Access" section.

  • Even if this user has access due to their role, uncheck any modules you do not want them to see.

2.7.1. Module Profiles

Adding User

Rather than allocating modules individually, you can make Role Profiles such as:

  • "HR Team" for Leave, Payroll, and HR

  • "Finance Team" for Payroll, Assets, and Accounting

  • Roles and modules are grouped in these profiles for quicker distribution among numerous users.

2.8. Security Settings

This section guarantees that user access is restricted in accordance with corporate policies:

  • Simultaneous Sessions: Simultaneous login sessions the user is allowed. You can use the same set of credentials for multiple users by allowing more sessions. This can be restricted from System Settings globally. For cloud account, the total number of simultaneous sessions cannot exceed the total number of subscribed users.

  • User Type: If the user has any role checked other than Customer, Supplier, Patient, or Student they automatically become a System User. This field is read-only.

Login After, Login Before: If you wish to give the user access to the system only between office hours, or during weekends, specify it here. For example, if office hours are from 10 am to 6 pm, set the Login After, Login Before hours as 10:00 and 18:00.

Restrict IP: Restrict user login to the IPs specified here. This can be used so that the user can log in only from office computers. Multiple IPs can be added separated by commas.

This section also shows other details like Last Login, Last IP, and Last Active time for the user.

2.9. Third-Party Login

ERPNext makes login easier and safer by enabling users to use third-party authentication services like Google, Facebook, or GitHub. The ERPNext administrator must first register for a developer account with the selected provider (such as GitHub Developer Settings, Facebook for Developers, or Google Developers Console) in order to activate this feature.

You must register a new application after creating the developer account. Here, you must enter information such as the App Name, Origin URL (the base URL for your ERPNext site), and Callback/Redirect URL (the URL where the provider reroutes users following authentication). The provider will create a Client ID and Client Secret after the app is created, which you need to enter into ERPNext's Third Party Authentication settings.

When set up correctly, the ERPNext login page will display login options such as "Login with Google" or "Login with GitHub." By decreasing password-related problems, this configuration improves security and simplifies user management.

2.10. Integration via API Access

By selecting the "Generate Keys" button in the user profile, you can create API Secret Keys for a user in ERPNext. Secure, programmatic access to ERPNext data from external applications, like a custom mobile app or an offline Point of Sale (POS) system, is made possible by these keys (API Key and API Secret). The API keys specify the user's permissions for data access and authenticate the external system. When you need ERPNext data for an integration but don't want users to log in manually, this is helpful. Since these keys work similarly to a password for API access, always keep them in a secure location.

2.11. After Saving

Adding User

After the user has been saved, the dashboard will show more tools:

  • Set User Permissions: Enables the creation of unique access restrictions, such as the ability to view only sales orders from a particular region.

  • View Permitted Documents: Displays every record to which this user is granted access according to their role and custom rules.

2.11.1. Options for Resetting Password

  • Reset Password: An email with instructions to reset the user's password will be sent to the user's Email Account.

  • Reset OTP Secret: Reset OTP Secret for logging in via Two Factor Authentication.

Create User Email will let you create an Email Account for the user based on the email entered in the User master.

3. Login Method

Enabling the "Allow Login using Mobile No" option in ERPNext's System Settings > Security section enables users to log in with both their registered mobile number and email address. Email is still the primary user ID, even though the mobile number needs to be distinct.

Users have more flexibility when this setting is enabled because they can log in using either their email address or mobile number. This is particularly helpful in settings where users can safely log in with their phones but may not have easy access to email.

  1. Role Based Permissions

  2. User Permissions

  3. Document Follow

5. More to Follow

Discard
Save
Draft

Previous Page

Left

Next Page

Right

On this page

Review Changes ← Back to Content
Message Status Space Raised By Last update on