As our merchants grow, and as we get interest from medium-sized and large organizations, we’ve been hearing that they need to limit what various users can see and do.
For instance, we spoke with a merchant this week that has 200 employees plus some outside contractors, such as a call center.
In any organization of that size (and even down to, say, 30 people), managers may need to limit what each person can see and do.
Common Scenarios
- Within a large organization, Finance needs access to financial data but not product editing, Sales needs access to customer info but nothing else, Product Marketing needs access to products, coupons, and components, but nothing else.
- A company outsources sales to a call center, and they want the call center staff to see customer records but nothing else.
- A company has 4 business divisions, and each division is a Site in Chargify. Only certain employees should have access to each Site.
- For regulatory compliance reasons, certain staff members can only access your test Sites, while others can access your live Sites.
- A consulting firm has many clients, and some of those clients have Sites in the firm’s Chargify account. The consulting firm needs full access to their clients’ Sites, and they want to give Site-only access to staff members from each client.
- You have an outside firm that does consulting for you, and you want to give them narrow access to your Chargify account so they can do their work but not see or edit various things.
Available on our $459 and Higher Plans
The request for user access controls has almost always come from our $1,299 and higher merchants, as well as from some $459 merchants as they grow their organizations. Thus, we’ve added User Access Controls to the $459 and higher plans.
How It Works
The system implements 3 types of users, plus a selection of fine-grained access controls on the most common type of user.
Types of Users
Within your Chargify account, each user/employee/contractor is classified as one of the following types of users:
- Owner is the account owner (handles Chargify billing) and can see & do everything.
- Admin can create other user and admin accounts, and has full access to all Sites.
- Team Member is limited to certain Sites, can only do what his/her permissions allow, and cannot create other user accounts.
(The first 2 user types have always been available on all Chargify accounts, and they still are.)
Access Controls per Team Member
Since Owner and Admin users have full and nearly full access, respectively, the real control you have is with your Team Member users.
The most basic thing you can do is allow or deny them access to whole Sites in your Chargify account:
- If you deny someone access to a Site, then they won’t even know it exists. This is perfect in situations where you have different businesses and different people for each one, or where regulations like HIPAA or PCI dictate that certain people not have any access at all.
- If you give someone view access to a Site, then they can view some parts of the Site, but their access will be limited to just viewing those things (they can’t create or edit).
If the user needs access to the Site and needs to do deeper things, here’s what you can give them:
- "Manages product catalog" adds the ability to create & edit products, taxes, and components.
- "Views and exports financial metrics" adds the ability to see Analytics, Transactions, CSV exports, and metrics on the Site dashboard.
- "Manages subscribers and customers" adds the ability to create, edit, cancel, and re-activate subscriptions and customers.
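A minimal deny-by-default model of the rules above, added here as an illustration and not Chargify's own code. The action and permission names, and the assumption that account billing is Owner-only, are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical identifiers: the post does not publish Chargify's internal names.
CATALOG, FINANCE, SUBSCRIBERS = "catalog", "finance", "subscribers"

# Site action -> extra permission a Team Member needs (None: view access suffices).
ACTION_REQUIRES = {
    "view_site": None,
    "edit_product": CATALOG,
    "edit_component": CATALOG,
    "view_transactions": FINANCE,
    "export_csv": FINANCE,
    "cancel_subscription": SUBSCRIBERS,
    "edit_customer": SUBSCRIBERS,
}
# Account-level actions -> user types allowed. Billing as Owner-only is an assumption.
ACCOUNT_ACTIONS = {"create_user": {"owner", "admin"}, "manage_billing": {"owner"}}


@dataclass
class User:
    name: str
    kind: str  # "owner", "admin" or "team_member"
    # Site name -> set of extra permissions; an empty set means view-only.
    # A Site absent from this dict is denied outright.
    sites: dict = field(default_factory=dict)


def visible_sites(user, all_sites):
    """Sites the user may learn about; denied Sites are filtered out, not greyed out."""
    if user.kind in ("owner", "admin"):
        return sorted(all_sites)
    return sorted(s for s in all_sites if s in user.sites)


def can(user, action, site=None):
    """Deny by default: unknown user types, actions and ungranted Sites all fail."""
    if action in ACCOUNT_ACTIONS:
        return user.kind in ACCOUNT_ACTIONS[action]
    if action not in ACTION_REQUIRES:
        return False
    if user.kind in ("owner", "admin"):
        return True
    if user.kind != "team_member" or site not in user.sites:
        return False
    needed = ACTION_REQUIRES[action]
    return needed is None or needed in user.sites[site]


if __name__ == "__main__":
    # Constructed sample: a call-center contractor limited to customer records on one Site.
    agent = User("agent", "team_member", {"Live": {SUBSCRIBERS}})
    print(visible_sites(agent, {"Live", "Test"}), can(agent, "export_csv", "Live"))
```

When reviewing an account set up this way, the cases worth testing are the negative ones: a Team Member with view-only access attempting an export, and a Team Member requesting a Site they were never granted.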
Summary
This implementation of User Access Controls will help a lot of medium-sized and large organizations, but there’s a good chance there will be more depth to add as we get feedback in 2013 and 2014. Let us know how it fits your organization.
And as much as we’ve worked on this over the past 3 weeks, we know that there’s probably a bug or two. If you find anything amiss, please let us know. We fixed a small bug this morning that was preventing one of the CSV exports from working properly with certain user access settings.
Other Recent Releases
And if you missed any of these, check out the last 4 blog posts about other new functionality at Chargify:
• Custom Fields on Signup Pages
• Prorated User/Software License Billing
• Marketing Emails, Exclusive Coupons
• Two-Factor Authentication, Instant Webhook Testing