User Groups

How user groups work

Commerce Kitty uses role-based access control. Instead of granting permissions one user at a time, you define a group such as "Customer Support" or "Warehouse" and attach the right permissions to it. Every user in that group gets the same access. Change the group and everyone inside it updates at once.

A user belongs to one group. The group's permissions are the ceiling of what the user can do. If the group does not grant "Edit Orders", no user in that group can edit orders.

Common group setups

Most teams start with three groups:

• Viewer. Read-only. Useful for accountants and auditors. Grant View and View All on everything, nothing else.
• Operations. Day-to-day order and inventory work. Grant full access to Orders, Shipments, and Products. Leave user management and billing locked down.
• Admin. Near-owner. Grant everything except destructive actions you want reserved for the owner.

Creating a group

Go to Configuration, then User Groups, and click add. Enter a name and code, check the permissions the group should have, and save. Then assign users to the group from the Users page.

User group fields

Name

The human-readable label shown in the admin UI. Pick something your team will recognize, like "Warehouse Staff" or "Support Tier 1".

Code

A short machine identifier for the group. Used internally and in API calls. Use lowercase and dashes, for example warehouse-staff. Must be unique.

Permissions

The set of actions members of this group can perform. Permissions are scoped per resource (orders, products, customers, channels, etc.) and per action. Not every resource exposes every action.

• View All. See the list of a resource. Required to browse the index page for that resource.
• View. Open a single record and see its details.
• Create. Add a new record.
• Edit. Modify an existing record.
• Delete. Remove a record.

Read more

• Users
• API Keys