How to set Magento user permissions?

Magento 2 uses roles and permissions to create different levels of admin access. There are default settings for this feature, and there are advanced ones that you can implement by installing our Advanced Permissions extension. 

How to set user permissions in vanilla Magento?

Here are the main steps of Magento 2 admin user create in terms of user permissions:

Step 1. Firstly, you need to define a role by navigating to System > Permissions > User Roles.

Step 2. Click the Add New Role button.

Step 3. Write the Role Name in the Role Information field.Enter Your Password in the Current User Identity Verification section. 

Step 4. Set the Role Scope dropdown to All or Custom. If you choose Custom, you need to choose the options of the website and store where the role will be used.

Note:  disable access to the Permissions tool if you restrict access for a given role to prevent users from changing their permissions.

Step 5. Set the Role Resources dropdown to Custom.

Step 6. In the appeared tree, tick each admin Resource to which the role will have access.

To create an Administrator role with access to tax settings, select the Sales/Tax and System/Tax resources. If you are configuring a website for a region other than the default origin, you will need to allow access to System/Shipping resources for that role. Shipping settings define the tax rate of the shop that is used for catalog prices.

Step 7. Click the Save Role button. The role is now displayed in the grid, and you can assign it to user accounts.

Step 8. In the Role grid, go to the record in edit mode.

Step 9. In the Current User Authentication section, enter your password.

Step 10. Go to the Role Users section. It appears after the new role is saved only.

Step 10. Enter a value in the search filter at the top of the column to find a specific user record > Press Enter > click Reset Filter to return to the full list.

Step 13. Tick users to be assigned the role.

Step 14. Click Save Role.

You can use the Advanced Permissions extension to ease the process of managing roles and give your managers different advanced permissions.

How to set Magento user permissions using the Advanced Permissions extension?

Using this extension, you can create advanced permissions:

Scope parameter. If you choose the Specified Websites or Specified Store Views in the dropdown, then more options to limit access to will appear:

• orders
• invoices and transactions
• shipments
• credit memos.

You have to choose between the Yes or No variants.

1. Categories parameter. On this tab, you can give the chosen role access to all product categories or limit it to selected categories. You have to tick the needed categories or subcategories to permit access to them.
2. You can get the Magento 2 Admin User Role parameter configured to get the required roles. By configuring it, you allow a specific user to create new users with the selected roles. Select the appropriate option from the drop-down menu and select the required roles.
3. Products parameter. This section gives you the ability to give access to all, only selected or created by you, products. If you choose the second option, then you will need to mark the desired product. If you choose the third, then you can make products available only to their owners.
4. Product Attributes parameter. In the Product Attributes section, you have the option to restrict access to specific product attributes. Switch the Allow Access To dropdown to the Selected Attributes and choose the required attributes for the role.

Note: If you want to create more users, navigate to System > Permissions > All Users and click the Add New User key. After that, fulfill account information and go to the User Role tab. Choose the needed radio button to give the user specific administrative permissions. Click Save User to save the changes.

How do I manage user roles in Magento?

To manage user roles in Magento, you need to first create a new role by navigating to "System" > "User Roles" in the backend. Next, click on "Add New Role" and specify the role name, role information, and role resources. After creating the role, you can assign users to it by going to "System" > "All Users" and editing the user you want to assign the role to. Under the "User Role" section, select the role you created and save the changes. This allows you to control the level of access users have within your Magento store