Your organization most likely employs individuals with expertise in various areas of ecommerce, and they may all need different levels of access to Admin. Roles define a user's level of access in the form of behaviors. There are several default roles that come with Admin, but you can also create custom roles to better fit the needs of your organization.
Note that changes to these settings may not immediately take effect when processing orders. It may take up to 15 minutes for updates to be reflected in the system while the cache refreshes.
How Roles Work
A role is a title given to a user that determines what their account permissions ("behaviors") are. There are a set of default roles that come configured with the Kibo platform, and each role has a set of assigned behaviors already enabled for its users. These behaviors are often the ability to Create, Read, Delete, and Update different datapoints such as products, discounts, promotions, etc.
View all roles under the Roles link in the Permissions tab of the homepage or go to System > Permissions > Roles from the Kibo homepage or elsewhere in Admin. Click a role to view its behaviors, or create a new role.
Create a Role
To create a custom role:
- Go to System > Permissions > Roles.
- Click Create New Role.
- Enter a Name for the role.
- Choose a Behavior Category.
- Under the Behavior Name heading, select the behaviors you want to add to the role. A summary of the selections for all behavior categories is displayed on the right, under the Selected Behavior heading.
- Click Save.
Default Roles
Kibo eCommerce comes with default roles that define a user's eligible level of access in Admin in the form of behaviors. You can use these roles to assign responsibilities to members of your organization.
Default Role List
The default Admin roles and their behaviors are listed below.
- Catalog Manager
- Product: Product Create, Product Read, Product Update, Product Delete, Product Category Create, Product Category Read, Product Category Update, Publish Product Changes
- Site: Site Create Content, Site Read Content, Site Update Content, Site Create Document List, Site Read Document List, Site Update Document List, View Live Content
- User: Admin User Read, User Role Read, User Assign Roles
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
- Reporting: Report Read
- Inventory Manager
- Product: Product Create, Product Read, Product Update, Product Delete
- Site: View live content
- Location: Location Read
- Reporting: Report Read
- Location Manager
- Site: View live content
- Order: Order Read, Order Update - All, Order Ship
- Location: Location Create, Location Read, Location Update, Location Delete
- Reporting: Report Read
- Order Manager
- Product: Product Read
- Site: View live content
- Customer: Customer Create, Customer Read, Customer Update, Customer Delete
- Payment: Payment Create, Payment Read, Payment Update, Payment Delete
- Order: Order Create, Order Read, Order Update - All, Order Delete, Order Cancel, Order Apply Payment, Order Ship
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
- Fulfillment Agent
- Site: View live content
- Order: Order Read, Order Update - All, Order Ship
- Reporting: Report Read
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
- Promotion Manager
- Product: Product Read, Product Category Read
- Site: View live content
- Discount: Discount Create, Discount Read, Discount Update, Discount Delete
- Channel: Channel Read
- Reporting: Report Read
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
- Report Viewer - All
- Site: View live content
- Reporting: Report Read
- Sales Representative
- B2B Account: B2B Account Create, B2B Account Delete, B2B Account Read, B2B Account Update
- Customer: Customer Read, Customer Update
- Extensibility: Extensibility Read
- Order: Order Read
- Purchase Order: Purchase Order Read, Purchase Order Create, Purchase Order Update
- Price List: Read Price List
- Quote: Quote Create, Quote Delete, Quote Read, Quote Update
- User: Shopper User Read, Shopper User Create, Shopper User Update, Shopper User Delete
- Wishlist: Wishlist Read
- Content Manager
- Product: Product Read, Product Category Read
- Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, View live content
- Channel: Channel Read
- Location: Location Read
- Reporting: Report Read
- Site Designer
- Product: Product Read, Product Category Read
- Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, Site Update Theme, View live content
- Channel: Channel Read
- Location: Location Read
- Reporting: Report Read
- Customer Manager
- Site: View live content
- Customer: Customer Create, Customer Read, Customer Update, Customer Delete
- Reporting: Report Read
- Site Reviewer
- Site: Preview Changes before they're published, View live content
- Extension Log Reader
- Tenant: Log Read Behavior
- Admin
- The Admin role has all the assigned behaviors of the SuperAdmin role except for the following: Product Code Change, Admin User Create, Admin User Update, Admin User Delete, User Role Create, User Role Update, User Role Delete.
- SuperAdmin
- The SuperAdmin role has all behaviors in Kibo eCommerce except for Customer Password Update.
You cannot change any default roles. If you want to change a default role, you must create a custom role and add any required user behaviors to the custom role. This guide demonstrates how to do these tasks in the user interface, but the User Management APIs can also be used to manage roles and user accounts.
Fulfiller Roles
To support order management, additional fulfillment-related roles have been created. These are Fulfillment Manager and Fulfillment Employee roles that come in two types: global and location-specific. Globals are available by default, while location-specific roles are treated like custom roles but are automatically generated for each location that is created in Admin. These custom roles have permissions based on the global versions, but the permissions can be customized on a location basis if desired.
Employees can only fulfill shipments, while managers can both fulfill shipments and manage employees. Global managers and employees have access to this information for all locations, while location-specific users can only view the shipments (and other users, if a manager) from the location they are assigned to.
Managers can assign employee and manager roles to users they have access to, which means that they can upgrade an employee to a manager. However, only global managers can assign the global versions of these roles - if they are location-specific then they can only assign location-specific employees and managers.
- Global Fulfillment Manager
- Site: View live content
- Channel: Channel Read
- Reporting: Report Read
- Location: Location Read
- Order: Order Read, Order Update – All, Order Ship
- SettingsOrder: Order Settings Read
- User: Admin User Read, Admin User Create, Admin User Update, User Role Read
- Global Fulfillment Employee
- Site: View live content
- Channel: Channel Read
- Reporting: Report Read
- Location: Location Read
- Order: Order Read, Order Update – All, Order Ship
- SettingsOrder: Order Settings Read
In a case where multiple roles are assigned to a user, the one with broader access takes precedence. For example, a user could have the role of both a Store Employee that can fulfill shipments at Location A and a StoreAdmin that can fulfill shipments at Locations A, B, and C. But this makes the Store Employee role redundant and so the user will have the access of a SuperAdmin.
Managing Order Routing Access
Access to the Order Routing application is not granted by a dedicated order routing user role, but rather by a behavior that can be assigned to existing roles. This behavior is called "Order Routing" and is included with the Admin and SuperAdmin role by default.
These users are able to view the Order Routing tile on the Kibo homepage and access the application with read/write permissions to manage routing rules.
Role Behaviors
The following sections list the role behaviors in Admin. To view each role's assigned behaviors:
- Go to System > Permissions > Roles.
- Select the role whose behaviors you wish to view.
- The role's assigned behaviors appear in the View Role modal.
Account Behaviors
The behaviors under the Account group are:
| Behavior | Description |
|---|---|
| Account Install App | Install apps to the account |
| Account View Statement | View account statement details |
B2B Account Behaviors
The behaviors under the B2B Account group are:
| Behavior | Description |
|---|---|
| B2B Account Create | Create a B2B account |
| B2B Account Delete | Delete a B2B account |
| B2B Account Read | View a B2B account |
| B2B Account Update | Make changes to a B2B account |
Cart Behaviors
The behaviors under the Cart group are:
| Behavior | Description |
|---|---|
| Cart Delete | Delete a shopper's cart |
| Cart Read | View a shopper's cart |
| Cart Update | Make changes to a shopper's cart |
Channel Behaviors
The behaviors under the Channel group are:
Credit Behaviors
The behaviors under the Credit group are:
Customer Behaviors
The behaviors under the Customer group are:
| Behavior | Description |
|---|---|
| Customer Create | Create new customer accounts |
| Customer Delete | Delete existing customer accounts |
| Customer Read | View existing customer account details |
| Customer Update | Change existing customer account details |
| Stock Notification Create | Create stock notifications |
| Stock Notification Delete | Delete stock notifications |
| Stock Notification Read | View stock notification details |
| Stock Notification Update | Change stock notification details |
| Customer Password Update | Reset existing customer account passwords |
Discount Behaviors
The behaviors under the Discount group are:
| Behavior | Description |
|---|---|
| Discount Create | Create new discounts |
| Discount Delete | Delete existing discounts |
| Discount Read | View discount details |
| Discount Update | Change discount details |
Event Subscriptions Behaviors
The behaviors under the Event Subscriptions group are:
Extensibility Behaviors
The behaviors under the Extensibility group are:
| Behavior | Description |
|---|---|
| Extensibility Create | Create extensions |
| Extensibility Delete | Delete extensions |
| Extensibility Read | View extension details |
| Extensibility Update | Update extension details |
Installed Application Behaviors
The behaviors under the Installed Application group are:
| Behavior | Description |
|---|---|
| Delete installed applications | Delete installed applications |
| Read installed applications | View the installed applications |
| Update installed applications | Change installed applications |
Location Behaviors
The behaviors under the Location group are:
| Behavior | Description |
|---|---|
| Location Create | Create new locations |
| Location Delete | Delete existing locations |
| Location Read | View existing location details |
| Location Update | Change existing location details |
Order Behaviors
The behaviors under the Order group are:
Payment Behaviors
The behaviors under the Payment group are:
Product Behaviors
The behaviors under the Product group are:
| Behavior | Description |
|---|---|
| Product Create | Create new products |
| Product Delete | Delete products |
| Product Read | View product details |
| Product Update | Change product details |
| Publish Product Changes | Discard or publish staged changes to products |
| Product Category Create | Create new product categories |
| Product Category Delete | Delete product categories |
| Product Category Read | View product category details |
| Product Category Update | Change product category details |
| Change Product Publishing Mode | Change the publishing mode for product changes in the Publishing module |
| Create inventory | Create inventory |
| Delete inventory | Delete inventory |
| Product Code Change | Change product codes |
| Read inventory | View inventory details |
| Update inventory | Change inventory details |
Provisioning Behaviors
The behaviors under the Provisioning group are:
| Behavior | Description |
|---|---|
| Create and Delete Sites and Master Catalogs and Catalogs | Create and delete sites, master catalogs, and catalogs |
Publish Sets Behaviors
The behaviors under the Publish Sets group are:
Quote Behaviors
The behaviors under the Quote group are:
| Behavior | Description |
|---|---|
| Quote Create | Create a B2B quote |
| Quote Delete | Delete a B2B quote |
| Quote Update | Update a B2B quote |
| Quote Read | View B2B quotes |
Reporting Behaviors
The behaviors under the Reporting group are:
Search Behaviors
The behaviors under the Search group are:
Settings - Custom Routes Behaviors
The behaviors under the Settings - Custom Routes group are:
Settings - General Behaviors
The behaviors under the Settings - General group are:
| Behavior | Description |
|---|---|
| General Settings Read | View the general settings for your sites |
| General Settings Update | Change the general settings for your sites |
Settings - Order Behaviors
The behaviors under the Settings - Order group are:
| Behavior | Description |
|---|---|
| Order Settings Read | View existing order settings |
| Order Settings Update | Change existing order settings |
Settings - Platform App Tenants Behaviors
The behaviors under the Settings - Platform App Tenants group are:
| Behavior | Description |
|---|---|
| Application Status Enable | Enable applications for the tenant |
Settings - Shipping Behaviors
The behaviors under the Setting - Shipping group are:
Site Behaviors
The behaviors under the Site group are:
| Behavior | Description |
|---|---|
| Publish Content Changes | Discard or publish staged changes to site content |
| Site Create Content | Create new content in the Site Builder module |
| Site Create Document List | Create new document lists |
| Site Delete Content | Delete content in the Site Builder module |
| Site Delete Document List | Delete document lists |
| Site Read Content | View content in the Site Builder module |
| Site Read Document List | View document lists |
| Site Update Content | Change content in the Site Builder module |
| Site Update Document List | Change document lists |
| Site Update Theme | Change a site's theme |
| Validate an address | Enable address validation in General Settings |
| Preview Changes before they're published | View/preview the site's staging version |
| Change Content Publishing Mode | Change the publishing mode for content changes in the Publishing module |
| View live content | View the site's live version |
User Behaviors
The behaviors under the User group are:
| Behavior | Description |
|---|---|
| Admin User Create | Create new Admin users |
| Admin User Delete | Delete existing Admin users |
| Admin User Read | View existing Admin user details |
| Admin User Update | Change existing Admin user details |
| User Assign Roles | Assign users to roles |
| User Role Create | Create new Admin roles |
| User Role Delete | Delete existing Admin roles |
| User Role Read | View existing Admin role details |
| User Role Update | Change existing Admin role behaviors |
| Shopper User Create | Create shopper accounts |
| Shopper User Delete | Delete shopper accounts |
| Shopper User Read | View shopper account details |
| Shopper User Update | Change shopper account details |