User types and permissions

A specific user might not be able to do all the things defined for their user type. The things a user can do also depend on the permissions that are assigned to the user. Further, a user cannot do things that are not allowed for their user type, even if the user is assigned permissions to do those things.

Example:

• You have a user with the Employee user type, which does not allow users to edit customers in Accounts Receivable. The user is assigned a role with permissions to edit customers. Even though the user has permission to edit customers, they cannot edit customers because their user type does not allow it.

User-based permissions and user types

If you have not enabled roles in your company, your company employs user-based permissions. With this permissions model, each user or user group has its own set of permissions.

Here's how it works:

1. When you create a user, the user type that you select sets the maximum number of features that this user can access.
2. When you assign permissions to a particular user, your selections further specify what that user can see and do. For example, although a business user can have unlimited access within your company, you might restrict a particular user by reducing their permissions based on their business function.

Role-based permissions and user types

If you've enabled roles in your company, you use role-based permissions. With this permissions model, you can define a set of roles that are shared by multiple users or user groups. For example, you can define an AP Clerk role that includes permissions to enter and pay bills.

Because a role can be assigned to multiple users, the list of permissions in a role can include more than what's available for certain user types. However, users are still restricted to only features that are defined by their user type.