Users and Permissions

People who access the system in ERPNext are called users, and each user can be given one or more roles to limit what they can see or do. System Users, who have access to internal modules such as Sales, Accounts, and HR, and Website Users, who are limited to the customer/supplier portal, are the two primary categories of users. In order to guarantee that users only access pertinent data, roles specify permissions like reading, creating, and editing documents. With complete control over users, roles, and system settings, the System Manager role is the most potent. For greater control, permissions can also be altered at the document and user levels.

1. Types of Users

ERPNext has two categories of users:

1.1. System Users

  • These are internal users, such as managers, salespeople, accountants, and employees.

  • They have access to the Sales, HR, Accounts, Stock, and other ERPNext modules.

  • System users have full access according to their roles and need to purchase licenses (for cloud users).

1.2. Websites Users

  • These are external users who only use the portal view, such as suppliers or customers.

  • They have access to their own data, including delivery notes, invoices, and orders.

  • Internal modules like accounting and human resources are inaccessible to them.

2. What Is a Role?

A role specifies the kinds of documents that a user can view and the actions (view, create, edit, delete, submit, etc.) that they can perform.

For Example:

  • A Sales User can view sales invoices and orders, but not payroll or leave approvals.

  • Journal entries are not accessible to a Stock User, but warehouse reports and stock entries are.

Note: A user can be assigned to more than one role depending on their job duties.

3. Assigning Users and Roles

To manage users:

  • Go to Users Permissions > User

  • click New to create and enter a user's email address

  • Click "Set Roles" to assign one or more roles after saving.

  • Access can also be restricted according to particular departments, branches, or companies.

Note: The system defines permissions differently for each role.

4. System Manager

The admin role in ERPNext is the System Manager.

  • This role allows users to add and edit other users.

  • Able to assign and remove roles for anybody

  • Able to access all documents and modify system settings

Note: Assigning at least two System Managers for backup is best practice, but only trusted users should be given this responsibility.

5. ERPNext Permission Control

The layered permission system in ERPNext functions as follows:

  • Role-based Permission: Establish which role has the authority to do what on each document (such as a sales invoice, item, journal entry, etc.).

  • User Permissions: Establish limitations for particular users, such as letting them view data for just one client, warehouse, or project.

  • Document-Level Restrictions: You can specify who has the ability to read, write, edit, remove, submit, or cancel a document.

Example Scenario:

  • Ali is a Sales Executive → Assign role: Sales User

  • Sara is an Accountant → Assign roles: Accounts User and Accounts Manager

  • Amir is the Admin → Assign: System Manager

Note: To increase efficiency and security, each user will now only see the modules, reports, and actions that they are permitted to use.

  1. Adding users

  2. Role and Role Profile

  3. Role based Permissions

  4. User Permissions

  5. Role Permission For Page and Report

  6. Sharing

  7. Limited User

  8. Administrator

7. More to Follow

Discard
Save
Draft

Previous Page

Left

Next Page

Right

On this page

Review Changes ← Back to Content
Message Status Space Raised By Last update on