Learn how to set data level permissions in QuickBooks Desktop Enterprise Platinum, Diamond and Accountant 21.0.
In QuickBooks Desktop Enterprise, you can set different data level permissions for a users job role. This way, you can give access to only the areas of QuickBooks a user needs to do their job.
For example, you can give access to a sales rep in Texas so they can create invoices or email customers for their area’s customer group. You can create groups for vendors a user works with. You can also create groups for employees. Here’s what to do.
How to create a restricted role
- Go to the Company menu, then Users and select Set up Users and Roles.
- Select the Role List tab and select either New or select Edit for an existing role.
- Go to Areas and Activities, then Centers and select either Customer center or Vendor center.
- Select Custom, then select Define.
- Select the customer/employee/vendor groups to give permission at a group level.
- Select the view, modify, delete, print and view balance access levels based on your requirements.
- Note: Creating a new record permission will be global for the role created.
- Select OK to save the role.
How to assign a restricted role to a user
Depending on the user roles assigned, the user will only be able to see and create transactions and entries for their customer or vendor group. They can also see reports based on their group.
- Go to the Company menu, then Users and select Set Up Users and Roles.
- From the Users tab, select either New or select Edit for an existing user.
- Enter the User Name and Password.
- From Available Roles, select the users role then Add.
- When you’re done, select OK.
Am I able to assign multiple roles to a user?
Yes, you can assign multiple roles to a user so they can access different areas of QuickBooks. If the roles have different access levels, for example one role can create invoices and the other can’t, the user will have access to the full permissions.
Can I open a company file with restricted access roles in a different version of QuickBooks Desktop Enterprise?
If you log in using the same user credentials, you’ll be able to access only restricted data for the role. If you’re an admin, you can only make changes to the user role in the most recent version of QuickBooks Desktop.
What happens if I change a role from restricted access to partial or full access in the customer/vendor center?
The role will no longer have restricted access, so the user will be able to view and modify records for their access level. All the data level permissions will be removed, but you can define the groups and add data level permissions again if you change your mind.
Do data level permissions also apply to third-party apps we have connected to QuickBooks Desktop?
No, third-party apps and data will remain the same and depend on the permissions assigned to the user.
Can I edit a group that’s used to define the restricted access role?
Yes, only the admin can edit the group if it’s used to define a restricted role. If the group isn’t used for restricted access, any user with full access to the customer and vendor center can edit the group.
Can I delete a group that’s used to define the restricted access role?
An admin can delete the group if it’s not used for a restricted role. If the group is used for a restricted role, you can delete the group after it’s unlinked from the user role.
For groups using payment reminders or automated payments, you’re not able to delete the group.