If you were using a paper accounting system, it’s unlikely that you would let everyone dig through file folders, peer at your checkbook register, or look at other employees’ pay stubs. Xero knows this, so it provides an easy way to assign employees through user roles.
By requiring everyone to sign in using their own unique user names and passwords, you can limit them to only the screens that you’ve determined they need to see. You can also specify what activities they’re allowed to do there.
Adding Users to Xero
Click on Settings | General Settings | Users. From the main screen, you can view all users with access to Xero as well as their permissions and if they are using two-factor authentication.
If a user is a Subscriber (the individual who set up Xero and is responsible for subscription payments), their name will have an additional tag indicating as such.
To grant user access to Xero and assign a role with specific permissions, you’ll have to “invite” him or her. Click on Invite a User on the main Users page. Enter a first and last name and email address. Before you send the email (and you’ll have a chance to personalize it), you’ll need to assign a role to the individual and select from the activity options available.
Once you’ve established the employee’s access level and permissions, click Continue. You’ll then have the option to personalize and send an invitation. Click Send Invite.
The employee will receive an email containing a link to Xero, where he or she can click to accept the invite. If he or she does so, one of two buttons will appear:
- Create Login (for a new user)
- Login now (for an existing user).
Admin User Roles
There are two user roles in Xero best suited to adminstrative levels:
- Advisor
- Standard
When you designate someone as a Standard user, you are granting him or her permission to visit and interact with almost all of Xero’s screens. Granting access to cash-coding is optional and there are restrictions on reports.
When you “invite” your accountant in, his or her role will be Advisor. And Advisor role allows full access to accounts, as well as extra permissions. Advisors have the ability to set and work within locked periods and can publish and create custom reports.
Employee User Roles
The employer user roles in Xero are much more customizable. Depending on the employee’s role in the company, you can grant them access to one or all of Xero’s three modules:
- Expenses
- Projects
- Business & Accounting
Here is a summary of the additional user roles in Xero:
Read Only is given to someone who needs to be able to view bank accounts, bills, purchase orders, invoices, reports, etc., but who will not have occasion or add or edit anything.
Invoice Only is a more active role. It’s granted to an employee who will actually be processing transactions but doesn’t need to see bank accounts or reports. You can choose one of four activity levels. If you select:
- Draft only, the employee can add, copy, save, and submit (for approval) invoices, bills, quotes, and purchase orders.
- Approve & Pay, the employee can do all of that plus approve transactions and pay bills, in addition to doing other work with expense claims, contacts, and currencies.
- Sales Only, the employee can create, approve, print, and record payment for invoices, quotes, and customer credit notes
- Purchases Only, the employee can create and approve bills, supplier credit notes and purchase orders, as well as pay bills.
You’ll notice in the grid below that actions are either not available or are limited for some levels. Others can be selected, but you’ll have to choose the allowed actions from drop-down lists.
The mechanics of assigning access levels to Xero are pretty straightforward, but this is an area where you must be clear on exactly what employees can see and do.
You undoubtedly trust your employees or you wouldn’t have hired them; however, a lot of business fraud comes from within an organization. So be safe and use the tools at your disposal to protect your business.
(Updated 8/26/2020)