User Roles

Your organization most likely employs individuals with expertise in various areas of ecommerce, and they may all need different levels of access to Admin. Roles define a user's level of access in the form of behaviors. There are several default roles that come with Admin, but you can also create custom roles to better fit the needs of your organization.

Note that changes to these settings may not immediately take effect when processing orders. It may take up to 15 minutes for updates to be reflected in the system while the cache refreshes.

How Roles Work

A role is a title given to a user that determines what their account permissions ("behaviors") are. There are a set of default roles that come configured with the Kibo platform, and each role has a set of assigned behaviors already enabled for its users. These behaviors are often the ability to Create, Read, Delete, and Update different datapoints such as products, discounts, promotions, etc.

View all roles under the Roles link in the Permissions tab of the homepage or go to System > Permissions > Roles from the Kibo homepage or elsewhere in Admin. Click a role to view its behaviors, or create a new role.

The Roles page

Create a Role

To create a custom role:

  1. Go to System > Permissions > Roles.
  2. Click Create New Role.
  3. Enter a Name for the role.
  4. Choose a Behavior Category.
  5. Under the Behavior Name heading, select the behaviors you want to add to the role. A summary of the selections for all behavior categories is displayed on the right, under the Selected Behavior heading.
  6. Click Save.The Create New Role module with example selections for Customer and Purchase Order behaviors

Default Roles

Kibo eCommerce comes with default roles that define a user's eligible level of access in Admin in the form of behaviors. You can use these roles to assign responsibilities to members of your organization. 

Default Role List


The default Admin roles and their behaviors are listed below.

  • Admin
    • The Admin role has all the same behaviors of the SuperAdmin role except for the following: Product Code Change, Admin User Create, Admin User Update, Admin User Delete, User Role Create, User Role Update, and User Role Delete.
  • Catalog Manager
    • Product: Product Create, Product Read, Product Update, Product Delete, Product Category Create, Product Category Read, Product Category Update, Publish Product Changes
    • Site: Site Create Content, Site Read Content, Site Update Content, Site Create Document List, Site Read Document List, Site Update Document List, View Live Content
    • User: Admin User Read, User Role Read, User Assign Roles
    • Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
    • Location: Location Read
  • Content Manager
    • Product: Product Read, Product Category Read
    • Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, View live content
    • Channel: Channel Read
    • Location: Location Read
  • Customer Manager
    • Site: View live content
    • Customer: Customer Create, Customer Read, Customer Update, Customer Delete
  • Extension Log Reader
    • Tenant: Log Read Behavior
  • Fulfillment Agent
    • Site: View live content
    • Order: Order Read, Order Update - All, Order Ship
    • Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
    • Location: Location Read
  • Inventory Manager
    • Product: Product Create, Product Read, Product Update, Product Delete
    • Site: View live content
    • Location: Location Read
  • Location Manager
    • Site: View live content
    • Order: Order Read, Order Update - All, Order Ship
    • Location: Location Create, Location Read, Location Update, Location Delete
  • Order Manager
    • Product: Product Read
    • Site: View live content
    • Customer: Customer Create, Customer Read, Customer Update, Customer Delete
    • Payment: Payment Create, Payment Read, Payment Update, Payment Delete
    • Order: Order Create, Order Read, Order Update - All, Order Delete, Order Cancel, Order Apply Payment, Order Ship
    • Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
    • Location: Location Read
  • Promotion Manager
    • Product: Product Read, Product Category Read
    • Site: View live content
    • Discount: Discount Create, Discount Read, Discount Update, Discount Delete
    • Channel: Channel Read
    • Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
    • Location: Location Read
  • Report Super User
    • Reporting: Report Read, Report Definition Read, Report Definition Update, Report Definition Create, Report Definition Delete
  • Report Reader
    • Reporting: Report Read
  • Sales Representative
    • B2B Account: B2B Account Create, B2B Account Delete, B2B Account Read, B2B Account Update
    • Customer: Customer Read, Customer Update
    • Extensibility: Extensibility Read
    • Order: Order Read
    • Purchase Order: Purchase Order Read, Purchase Order Create, Purchase Order Update
    • Price List: Read Price List
    • Quote: Quote Create, Quote Delete, Quote Read, Quote Update
    • User: Shopper User Read, Shopper User Create, Shopper User Update, Shopper User Delete
    • Wishlist: Wishlist Read
  • Site Designer
    • Product: Product Read, Product Category Read
    • Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, Site Update Theme, View live content
    • Channel: Channel Read
    • Location: Location Read
  • Site Reviewer
    • Site: Preview Changes before they're published, View live content
  • SuperAdmin
    • The SuperAdmin role has all behaviors in Kibo eCommerce (including Override Order Update Restriction), except for Customer Password Update, Report Read, and Report Definition Update.

You cannot change any default roles. If you want to change a default role, you must create a custom role and add any required user behaviors to the custom role. This guide demonstrates how to do these tasks in the user interface, but the User Management APIs can also be used to manage roles and user accounts.

Fulfiller Roles

To support order management, additional fulfillment-related roles have been created. These are Fulfillment Manager and Fulfillment Employee roles that come in two types: global and location-specific. Globals are available by default, while location-specific roles are treated like custom roles but are automatically generated for each location that is created in Admin. These custom roles have permissions based on the global versions, but the permissions can be customized on a location basis if desired.

Close-up of global and location-specific roles

Employees can only fulfill shipments, while managers can both fulfill shipments and manage employees. Global managers and employees have access to this information for all locations, while location-specific users can only view the shipments (and other users, if a manager) from the location they are assigned to.

Managers can assign employee and manager roles to users they have access to, which means that they can upgrade an employee to a manager. However, only global managers can assign the global versions of these roles - if they are location-specific then they can only assign location-specific employees and managers.

  • Global Fulfillment Manager
    • Site: View live content
    • Channel: Channel Read
    • Location: Location Read
    • Order: Order Read, Order Update – All, Order Ship
    • SettingsOrder: Order Settings Read
    • User: Admin User Read, Admin User Create, Admin User Update, User Role Read
  • Global Fulfillment Employee
    • Site: View live content
    • Channel: Channel Read
    • Location: Location Read
    • Order: Order Read, Order Update – All, Order Ship
    • SettingsOrder: Order Settings Read

In a case where multiple roles are assigned to a user, the one with broader access takes precedence. For example, a user could have the role of both a Store Employee that can fulfill shipments at Location A and a StoreAdmin that can fulfill shipments at Locations A, B, and C. But this makes the Store Employee role redundant and so the user will have the access of a StoreAdmin.

Managing Order Routing Access

Access to the Order Routing application is not granted by a dedicated order routing user role, but rather by a behavior that can be assigned to existing roles. This behavior is called "Order Routing" and is included with the Admin and SuperAdmin role by default.

These users are able to view the Order Routing tile on the Kibo homepage and access the application with read/write permissions to manage routing rules.

Role Behaviors

The following sections list the role behaviors in Admin. To view each role's assigned behaviors:

  1. Go to System > Permissions > Roles.
  2. Select the role whose behaviors you wish to view.
  3. The role's assigned behaviors appear in the View Role modal.

Account Behaviors


The behaviors under the Account group are:

Behavior Description
Account Install App Install apps to the account
Account View Statement View account statement details

B2B Account Behaviors


The behaviors under the B2B Account group are:

Behavior Description
B2B Account Create Create a B2B account
B2B Account Delete Delete a B2B account
B2B Account Read View a B2B account
B2B Account Update Make changes to a B2B account

Cart Behaviors


The behaviors under the Cart group are:

Behavior Description
Cart Delete Delete a shopper's cart
Cart Read View a shopper's cart
Cart Update Make changes to a shopper's cart

Channel Behaviors


The behaviors under the Channel group are:

Behavior Description
Channel Create Create new channels
Channel Delete Delete existing channels
Channel Read View existing channel details
Channel Update Change existing channel details
ChannelGroup Create Create new channel groups
ChannelGroup Delete Delete existing channel groups
ChannelGroup Read View existing channel group details
ChannelGroup Update Change existing channel group details

Credit Behaviors


The behaviors under the Credit group are:

Behavior Description
Credit Create Create new store credit for customers
Credit Delete Delete existing store credit
Credit Read View existing store credit details
Credit Update Change existing store credit details

Customer Behaviors


The behaviors under the Customer group are:

Behavior Description
Customer Create Create new customer accounts
Customer Delete Delete existing customer accounts
Customer Read View existing customer account details
Customer Update Change existing customer account details
Stock Notification Create Create stock notifications
Stock Notification Delete Delete stock notifications
Stock Notification Read View stock notification details
Stock Notification Update Change stock notification details
Customer Password Update Reset existing customer account passwords

Discount Behaviors


The behaviors under the Discount group are:

Behavior Description
Discount Create Create new discounts
Discount Delete Delete existing discounts
Discount Read View discount details
Discount Update Change discount details

Event Subscriptions Behaviors


The behaviors under the Event Subscriptions group are:

Behavior Description
Create Event Subscriptions Create event subscriptions
Delete Event Subscriptions Delete event subscriptions
Read Event Subscriptions View event subscription details
Update Event Subscriptions Change event subscription details

Extensibility Behaviors


The behaviors under the Extensibility group are:

Behavior Description
Extensibility Create Create extensions
Extensibility Delete Delete extensions
Extensibility Read View extension details
Extensibility Update Update extension details

Installed Application Behaviors


The behaviors under the Installed Application group are:

Behavior Description
Delete installed applications Delete installed applications
Read installed applications View the installed applications
Update installed applications Change installed applications

Location Behaviors


The behaviors under the Location group are:

Behavior Description
Location Create Create new locations
Location Delete Delete existing locations
Location Read View existing location details
Location Update Change existing location details

Order Behaviors


The behaviors under the Order group are:

Behavior Description
Order Apply Payment Apply a payment to an order
Order Cancel Cancel an order
Order Create Create a new order
Order Delete Delete an existing order
Order Fulfill Fulfill an order
Order Read View the details of an order
Order Ship Ship an order
Override Order Update Restriction If an order has been set to restrict editing or cancellation, this behavior will override those flags and allow the user to edit and cancel the order
Note: In addition to their unique permissions, each Order Update behavior listed below can accept and cancel orders, resend order emails, edit internal notes on the order, and print order templates such as the Order Details template.
Order Update - Items Change only the details of order items and their quantities
Order Update - Pricing Change only the pricing information related to an order
Order Update - Discounts Change only the discount information of an order
Order Update - Attributes Change only the attributes on an order
Order Update - Manual Adjustments Change only the order subtotal and the shipping cost of an order

Payment Behaviors


The behaviors under the Payment group are:

Behavior Description
Payment Create Create a payment for an order
Payment Delete Delete a payment for an order
Payment Read View the payment details for an order
Payment Update Change the payment details for an order
Read Payment Settings View the payment settings
Update Payment Settings Change the payment settings

Product Behaviors


The behaviors under the Product group are:

Behavior Description
Product Create Create new products
Product Delete Delete products
Product Read View product details
Product Update Change product details
Publish Product Changes Discard or publish staged changes to products
Product Category Create Create new product categories
Product Category Delete Delete product categories
Product Category Read View product category details
Product Category Update Change product category details
Change Product Publishing Mode Change the publishing mode for product changes in the Publishing module
Create inventory Create inventory
Delete inventory Delete inventory
Read inventory View inventory details
Update inventory Change inventory details
Product Code Change Change product codes
Product Type Change Change product types

Provisioning Behaviors


The behaviors under the Provisioning group are:

Behavior Description
Create and Delete Sites and Master Catalogs and Catalogs Create and delete sites, master catalogs, and catalogs

Publish Sets Behaviors


The behaviors under the Publish Sets group are:

Behavior Description
Create PublishSet Definition Create new publish sets
Read PublishSet Definition View existing publish sets
Update PublishSet Definition Change existing publish sets
Delete PublishSet Definition Delete publish sets
Publish PublishSet Definition Publish existing publish sets

Quote Behaviors


The behaviors under the Quote group are:

Behavior Description
Quote Create Create a B2B quote
Quote Delete Delete a B2B quote
Quote Update Update a B2B quote
Quote Read View B2B quotes

Reporting Behaviors


Although all of these behaviors are listed under the Reporting group, only Report Read and Report Definition Update are necessary to enable full read and edit capabilities:

Behavior Description
Report Read View all reports
Report Definition Read
Read existing report definitions (deprecated)
Report Definition Update Edit, schedule, or create report definitions
Report Definition Create
Create new report definitions (deprecated)
Report Definition Delete
Delete existing report definitions (deprecated)

Search Behaviors


The behaviors under the Search group are:

Behavior Description
Create Product Ranking Definition Create new product ranking rules
Read Product Ranking Definition View existing product ranking rules
Update Product Ranking Definition Change existing product ranking rules
Delete Product Ranking Definition Delete product ranking rules

Settings - Custom Routes Behaviors


The behaviors under the Settings - Custom Routes group are:

Behavior Description
Create CustomRoutes Definition Create new custom routes
Read CustomRoutes Definition View existing custom routes
Update CustomRoutes Definition Change existing custom routes
Delete CustomRoutes Definition Delete custom routes

Settings - General Behaviors


The behaviors under the Settings - General group are:

Behavior Description
General Settings Read View the general settings for your sites
General Settings Update Change the general settings for your sites

Settings - Order Behaviors


The behaviors under the Settings - Order group are:

Behavior Description
Order Settings Read View existing order settings
Order Settings Update Change existing order settings

Settings - Platform App Tenants Behaviors


The behaviors under the Settings - Platform App Tenants group are:

Behavior Description
Application Status Enable Enable applications for the tenant

Settings - Shipping Behaviors


The behaviors under the Setting - Shipping group are:

Behavior Description
Shipping Settings Create Create new shipping settings
Shipping Settings Delete Delete existing shipping settings
Shipping Settings Read View existing shipping settings
Shipping Settings Update Change existing shipping settings

Site Behaviors


The behaviors under the Site group are:

Behavior Description
Publish Content Changes Discard or publish staged changes to site content
Site Create Content Create new content in the Content Editor module
Site Create Document List Create new document lists
Site Delete Content Delete content in the Content Editor module
Site Delete Document List Delete document lists
Site Read Content View content in the Content Editor module
Site Read Document List View document lists
Site Update Content Change content in the Content Editor module
Site Update Document List Change document lists
Site Update Theme Change a site's theme
Validate an address Enable address validation in General Settings
Preview Changes before they're published View/preview the site's staging version
Change Content Publishing Mode Change the publishing mode for content changes in the Publishing module
View live content View the site's live version

User Behaviors


The behaviors under the User group are:

Behavior Description
Admin User Create Create new Admin users
Admin User Delete Delete existing Admin users
Admin User Read View existing Admin user details
Admin User Update Change existing Admin user details
User Assign Roles Assign users to roles
User Role Create Create new Admin roles
User Role Delete Delete existing Admin roles
User Role Read View existing Admin role details
User Role Update Change existing Admin role behaviors
Shopper User Create Create shopper accounts
Shopper User Delete Delete shopper accounts
Shopper User Read View shopper account details
Shopper User Update Change shopper account details

Wishlist Behaviors


The behaviors under the Wishlist group are:

Behavior Description
Wishlist Create Create new customer wishlists
Wishlist Delete Delete customer wishlists
Wishlist Read View customer wishlists
Wishlist Update Change customer wishlists