User Roles

Your organization most likely employs individuals with expertise in various areas of ecommerce, and they may all need different levels of access to Admin. Roles define a user's level of access in the form of behaviors. There are several default roles that come with Admin, but you can also create custom roles to better fit the needs of your organization.

Note that changes to these settings may not immediately take effect when processing orders. It may take up to 15 minutes for updates to be reflected in the system while the cache refreshes.

How Roles Work

A role is a title given to a user that determines what their account permissions ("behaviors") are. There are a set of default roles that come configured with the Kibo platform, and each role has a set of assigned behaviors already enabled for its users. These behaviors are often the ability to Create, Read, Delete, and Update different datapoints such as products, discounts, promotions, etc.

View all roles under the Roles link in the Permissions tab of the homepage or go to System > Permissions > Roles from the Kibo homepage or elsewhere in Admin. Click a role to view its behaviors, or create a new role.

The Roles page

Create a Role

To create a custom role:

Go to System > Permissions > Roles.
Click Create New Role.
Enter a Name for the role.
Choose a Behavior Category.
Under the Behavior Name heading, select the behaviors you want to add to the role. A summary of the selections for all behavior categories is displayed on the right, under the Selected Behavior heading.
Click Save.

Default Roles

Kibo eCommerce comes with default roles that define a user's eligible level of access in Admin in the form of behaviors. You can use these roles to assign responsibilities to members of your organization.

Default Role List

The default Admin roles and their behaviors are listed below.

Catalog Manager
- Product: Product Create, Product Read, Product Update, Product Delete, Product Category Create, Product Category Read, Product Category Update, Publish Product Changes
- Site: Site Create Content, Site Read Content, Site Update Content, Site Create Document List, Site Read Document List, Site Update Document List, View Live Content
- User: Admin User Read, User Role Read, User Assign Roles
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
- Reporting: Report Read
Inventory Manager
- Product: Product Create, Product Read, Product Update, Product Delete
- Site: View live content
- Location: Location Read
- Reporting: Report Read
Location Manager
- Site: View live content
- Order: Order Read, Order Update - All, Order Ship
- Location: Location Create, Location Read, Location Update, Location Delete
- Reporting: Report Read
Order Manager
- Product: Product Read
- Site: View live content
- Customer: Customer Create, Customer Read, Customer Update, Customer Delete
- Payment: Payment Create, Payment Read, Payment Update, Payment Delete
- Order: Order Create, Order Read, Order Update - All, Order Delete, Order Cancel, Order Apply Payment, Order Ship
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
Fulfillment Agent
- Site: View live content
- Order: Order Read, Order Update - All, Order Ship
- Reporting: Report Read
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
Promotion Manager
- Product: Product Read, Product Category Read
- Site: View live content
- Discount: Discount Create, Discount Read, Discount Update, Discount Delete
- Channel: Channel Read
- Reporting: Report Read
- Extensibility: Extensibility Create, Extensibility Read, Extensibility Update, Extensibility Delete
- Location: Location Read
Report Viewer - All
- Site: View live content
- Reporting: Report Read
Sales Representative
- B2B Account: B2B Account Create, B2B Account Delete, B2B Account Read, B2B Account Update
- Customer: Customer Read, Customer Update
- Extensibility: Extensibility Read
- Order: Order Read
- Purchase Order: Purchase Order Read, Purchase Order Create, Purchase Order Update
- Price List: Read Price List
- Quote: Quote Create, Quote Delete, Quote Read, Quote Update
- User: Shopper User Read, Shopper User Create, Shopper User Update, Shopper User Delete
- Wishlist: Wishlist Read
Content Manager
- Product: Product Read, Product Category Read
- Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, View live content
- Channel: Channel Read
- Location: Location Read
- Reporting: Report Read
Site Designer
- Product: Product Read, Product Category Read
- Site: Site Create Content, Site Read Content, Site Update Content, Site Delete Content, Site Create Document List, Site Read Document List, Site Update Document List, Site Delete Document List, Publish Content Changes, Site Update Theme, View live content
- Channel: Channel Read
- Location: Location Read
- Reporting: Report Read
Customer Manager
- Site: View live content
- Customer: Customer Create, Customer Read, Customer Update, Customer Delete
- Reporting: Report Read
Site Reviewer
- Site: Preview Changes before they're published, View live content
Extension Log Reader
- Tenant: Log Read Behavior
Admin
- The Admin role has all the behaviors of the SuperAdmin role except for the following: Product Code Change, Admin User Create, Admin User Update, Admin User Delete, User Role Create, User Role Update, User Role Delete.
SuperAdmin
- The SuperAdmin role has all behaviors in Kibo eCommerce, including Override Order Update Restriction, except for Customer Password Update.

You cannot change any default roles. If you want to change a default role, you must create a custom role and add any required user behaviors to the custom role. This guide demonstrates how to do these tasks in the user interface, but the User Management APIs can also be used to manage roles and user accounts.

Fulfiller Roles

To support order management, additional fulfillment-related roles have been created. These are Fulfillment Manager and Fulfillment Employee roles that come in two types: global and location-specific. Globals are available by default, while location-specific roles are treated like custom roles but are automatically generated for each location that is created in Admin. These custom roles have permissions based on the global versions, but the permissions can be customized on a location basis if desired.

Close-up of global and location-specific roles

Employees can only fulfill shipments, while managers can both fulfill shipments and manage employees. Global managers and employees have access to this information for all locations, while location-specific users can only view the shipments (and other users, if a manager) from the location they are assigned to.

Managers can assign employee and manager roles to users they have access to, which means that they can upgrade an employee to a manager. However, only global managers can assign the global versions of these roles - if they are location-specific then they can only assign location-specific employees and managers.

Global Fulfillment Manager
- Site: View live content
- Channel: Channel Read
- Reporting: Report Read
- Location: Location Read
- Order: Order Read, Order Update – All, Order Ship
- SettingsOrder: Order Settings Read
- User: Admin User Read, Admin User Create, Admin User Update, User Role Read
Global Fulfillment Employee
- Site: View live content
- Channel: Channel Read
- Reporting: Report Read
- Location: Location Read
- Order: Order Read, Order Update – All, Order Ship
- SettingsOrder: Order Settings Read

In a case where multiple roles are assigned to a user, the one with broader access takes precedence. For example, a user could have the role of both a Store Employee that can fulfill shipments at Location A and a StoreAdmin that can fulfill shipments at Locations A, B, and C. But this makes the Store Employee role redundant and so the user will have the access of a SuperAdmin.

Managing Order Routing Access

Access to the Order Routing application is not granted by a dedicated order routing user role, but rather by a behavior that can be assigned to existing roles. This behavior is called "Order Routing" and is included with the Admin and SuperAdmin role by default.

These users are able to view the Order Routing tile on the Kibo homepage and access the application with read/write permissions to manage routing rules.

Role Behaviors

The following sections list the role behaviors in Admin. To view each role's assigned behaviors:

Go to System > Permissions > Roles.
Select the role whose behaviors you wish to view.
The role's assigned behaviors appear in the View Role modal.

Account Behaviors

The behaviors under the Account group are:

Behavior	Description
Account Install App	Install apps to the account
Account View Statement	View account statement details

B2B Account Behaviors

The behaviors under the B2B Account group are:

Behavior	Description
B2B Account Create	Create a B2B account
B2B Account Delete	Delete a B2B account
B2B Account Read	View a B2B account
B2B Account Update	Make changes to a B2B account

Cart Behaviors

The behaviors under the Cart group are:

Behavior	Description
Cart Delete	Delete a shopper's cart
Cart Read	View a shopper's cart
Cart Update	Make changes to a shopper's cart

Channel Behaviors

The behaviors under the Channel group are:

Behavior	Description
Channel Create	Create new channels
Channel Delete	Delete existing channels
Channel Read	View existing channel details
Channel Update	Change existing channel details
ChannelGroup Create	Create new channel groups
ChannelGroup Delete	Delete existing channel groups
ChannelGroup Read	View existing channel group details
ChannelGroup Update	Change existing channel group details

Credit Behaviors

The behaviors under the Credit group are:

Behavior	Description
Credit Create	Create new store credit for customers
Credit Delete	Delete existing store credit
Credit Read	View existing store credit details
Credit Update	Change existing store credit details

Customer Behaviors

The behaviors under the Customer group are:

Behavior	Description
Customer Create	Create new customer accounts
Customer Delete	Delete existing customer accounts
Customer Read	View existing customer account details
Customer Update	Change existing customer account details
Stock Notification Create	Create stock notifications
Stock Notification Delete	Delete stock notifications
Stock Notification Read	View stock notification details
Stock Notification Update	Change stock notification details
Customer Password Update	Reset existing customer account passwords

Discount Behaviors

The behaviors under the Discount group are:

Behavior	Description
Discount Create	Create new discounts
Discount Delete	Delete existing discounts
Discount Read	View discount details
Discount Update	Change discount details

Event Subscriptions Behaviors

The behaviors under the Event Subscriptions group are:

Behavior	Description
Create Event Subscriptions	Create event subscriptions
Delete Event Subscriptions	Delete event subscriptions
Read Event Subscriptions	View event subscription details
Update Event Subscriptions	Change event subscription details

Extensibility Behaviors

The behaviors under the Extensibility group are:

Behavior	Description
Extensibility Create	Create extensions
Extensibility Delete	Delete extensions
Extensibility Read	View extension details
Extensibility Update	Update extension details

Installed Application Behaviors

The behaviors under the Installed Application group are:

Behavior	Description
Delete installed applications	Delete installed applications
Read installed applications	View the installed applications
Update installed applications	Change installed applications

Location Behaviors

The behaviors under the Location group are:

Behavior	Description
Location Create	Create new locations
Location Delete	Delete existing locations
Location Read	View existing location details
Location Update	Change existing location details

Order Behaviors

The behaviors under the Order group are:

Behavior	Description
Order Apply Payment	Apply a payment to an order
Order Cancel	Cancel an order
Order Create	Create a new order
Order Delete	Delete an existing order
Order Fulfill	Fulfill an order
Order Read	View the details of an order
Order Ship	Ship an order
Override Order Update Restriction	If an order has been set to restrict editing or cancellation, this behavior will override those flags and allow the user to edit and cancel the order
Note: In addition to their unique permissions, each Order Update behavior listed below can accept and cancel orders, resend order emails, edit internal notes on the order, and print order templates such as the Order Details template.
Order Update - Items	Change only the details of order items and their quantities
Order Update - Pricing	Change only the pricing information related to an order
Order Update - Discounts	Change only the discount information of an order
Order Update - Attributes	Change only the attributes on an order
Order Update - Manual Adjustments	Change only the order subtotal and the shipping cost of an order

Payment Behaviors

The behaviors under the Payment group are:

Behavior	Description
Payment Create	Create a payment for an order
Payment Delete	Delete a payment for an order
Payment Read	View the payment details for an order
Payment Update	Change the payment details for an order
Read Payment Settings	View the payment settings
Update Payment Settings	Change the payment settings

Product Behaviors

The behaviors under the Product group are:

Behavior	Description
Product Create	Create new products
Product Delete	Delete products
Product Read	View product details
Product Update	Change product details
Publish Product Changes	Discard or publish staged changes to products
Product Category Create	Create new product categories
Product Category Delete	Delete product categories
Product Category Read	View product category details
Product Category Update	Change product category details
Change Product Publishing Mode	Change the publishing mode for product changes in the Publishing module
Create inventory	Create inventory
Delete inventory	Delete inventory
Read inventory	View inventory details
Update inventory	Change inventory details
Product Code Change	Change product codes
Product Type Change	Change product types

Provisioning Behaviors

The behaviors under the Provisioning group are:

Behavior	Description
Create and Delete Sites and Master Catalogs and Catalogs	Create and delete sites, master catalogs, and catalogs

Publish Sets Behaviors

The behaviors under the Publish Sets group are:

Behavior	Description
Create PublishSet Definition	Create new publish sets
Read PublishSet Definition	View existing publish sets
Update PublishSet Definition	Change existing publish sets
Delete PublishSet Definition	Delete publish sets
Publish PublishSet Definition	Publish existing publish sets

Quote Behaviors

The behaviors under the Quote group are:

Behavior	Description
Quote Create	Create a B2B quote
Quote Delete	Delete a B2B quote
Quote Update	Update a B2B quote
Quote Read	View B2B quotes

Reporting Behaviors

The behaviors under the Reporting group are:

Behavior	Description
Report Read	View all reports
Report Definition Create	Create new report definitions
Report Definition Delete	Delete existing report definitions
Report Definition Read	View existing report definitions
Report Definition Update	Change existing report definitions
Read customer report	View customer reports
Read operational report	View operational reports
Read product report	View product reports
Read sales report	View sales reports

Search Behaviors

The behaviors under the Search group are:

Behavior	Description
Create Product Ranking Definition	Create new product ranking rules
Read Product Ranking Definition	View existing product ranking rules
Update Product Ranking Definition	Change existing product ranking rules
Delete Product Ranking Definition	Delete product ranking rules

Settings - Custom Routes Behaviors

The behaviors under the Settings - Custom Routes group are:

Behavior	Description
Create CustomRoutes Definition	Create new custom routes
Read CustomRoutes Definition	View existing custom routes
Update CustomRoutes Definition	Change existing custom routes
Delete CustomRoutes Definition	Delete custom routes

Settings - General Behaviors

The behaviors under the Settings - General group are:

Behavior	Description
General Settings Read	View the general settings for your sites
General Settings Update	Change the general settings for your sites

Settings - Order Behaviors

The behaviors under the Settings - Order group are:

Behavior	Description
Order Settings Read	View existing order settings
Order Settings Update	Change existing order settings

Settings - Platform App Tenants Behaviors

The behaviors under the Settings - Platform App Tenants group are:

Behavior	Description
Application Status Enable	Enable applications for the tenant

Settings - Shipping Behaviors

The behaviors under the Setting - Shipping group are:

Behavior	Description
Shipping Settings Create	Create new shipping settings
Shipping Settings Delete	Delete existing shipping settings
Shipping Settings Read	View existing shipping settings
Shipping Settings Update	Change existing shipping settings

Site Behaviors

The behaviors under the Site group are:

Behavior	Description
Publish Content Changes	Discard or publish staged changes to site content
Site Create Content	Create new content in the Content Editor module
Site Create Document List	Create new document lists
Site Delete Content	Delete content in the Content Editor module
Site Delete Document List	Delete document lists
Site Read Content	View content in the Content Editor module
Site Read Document List	View document lists
Site Update Content	Change content in the Content Editor module
Site Update Document List	Change document lists
Site Update Theme	Change a site's theme
Validate an address	Enable address validation in General Settings
Preview Changes before they're published	View/preview the site's staging version
Change Content Publishing Mode	Change the publishing mode for content changes in the Publishing module
View live content	View the site's live version

User Behaviors

The behaviors under the User group are:

Behavior	Description
Admin User Create	Create new Admin users
Admin User Delete	Delete existing Admin users
Admin User Read	View existing Admin user details
Admin User Update	Change existing Admin user details
User Assign Roles	Assign users to roles
User Role Create	Create new Admin roles
User Role Delete	Delete existing Admin roles
User Role Read	View existing Admin role details
User Role Update	Change existing Admin role behaviors
Shopper User Create	Create shopper accounts
Shopper User Delete	Delete shopper accounts
Shopper User Read	View shopper account details
Shopper User Update	Change shopper account details

Wishlist Behaviors

The behaviors under the Wishlist group are:

Behavior	Description
Wishlist Create	Create new customer wishlists
Wishlist Delete	Delete customer wishlists
Wishlist Read	View customer wishlists
Wishlist Update	Change customer wishlists