⚠️ Migration in progress — As of July 2026, we are migrating all accounts to the new permission system described in this article. We expect to complete this process by the beginning of 2027.
Migration to the new permissions system
To keep your team's access unchanged, we've temporarily added Basic category permissions that mirror your previous access levels.
Over the coming months, we'll replace Basic permissions with more granular ones, product area by product area. When a new granular permission is introduced, it will be automatically assigned to any role that already had access via the corresponding Basic permission. Once a product area is fully covered, the Basic permission for that area is removed.
⚠️ Throughout this process, you remain in full control of your users' permissions. We will never automatically grant access to someone who did not previously have it, or remove access from someone who did when upgrading the system.
How user permissions work
The user permission system controls what each member of your store can do — what data they can view and what actions they can perform.
Configuring permissions carefully helps keep your store secure. By giving each user only the access they need, you limit what they can see or change. If a user makes a mistake or their account is compromised, the potential damage is reduced.
Managing user permissions
Roles are how user access is managed in the Swap platform. You can create, update, or delete roles as needed. For each role, you specify a name and an optional description, then assign permissions to it. When choosing which permissions to assign to a role, you select from a predefined set that covers all Swap products and general platform functionality.
Once your roles are set up, you assign them to users. Each role grants the user access to the functionality its permissions provide. Assigning a user multiple roles gives them the combined access of all assigned roles.
Users
Viewing users
The Users tab lists all members of your store, along with the roles currently assigned to each of them.
Creating a user
When adding a new user to your store, you must provide some basic information about them. You can also assign roles at this stage.
Editing a user
You can update the roles assigned to any user at any time.
Roles
Viewing roles
In the Roles tab, you can see all roles created in your store and the permissions assigned to them.
Creating a role
You can create any number of roles in your store. Each role requires a name. A description is optional. For each role, you must choose at least one permission to assign to it from the list of permissions.
Editing a role
You can update a role at any time, including its name, description, and assigned permissions.
Deleting a role
You can delete a role when it is no longer needed. A confirmation prompt appears before the deletion takes effect.
Default roles
Every store includes three default roles: Default Member, Default Manager, and Default Admin. Default Member has the least access, Default Manager has moderate access, and Default Admin has full access.
You are not required to use these roles. You can keep them as-is, change the permissions assigned to them, use them alongside your own custom roles, or delete them entirely if you prefer to build your own permission structure from scratch. Do not delete or remove your own role that grants permission to manage roles — doing so will lock you out of role management. Contact the support team if this happens.
Basic permissions
During the migration, the following Basic permissions can be assigned to any role. These mirror the access levels from the previous system and will be replaced by granular permissions over time.
Permission | Access |
Admin | Full access to every feature. Can add or delete any user, including other admins. Exclusive access to the Compliance Hub. |
Manager | Access to almost all features — restricted areas such as Invoicing are off-limits. Can add or delete Members and Viewers. |
Member | Access limited to the Returns tab. Cannot add or delete users. |
Viewer | Read-only access to the dashboard. Cannot perform any actions or manage users. |
Setting up your user permissions for success
Keep it simple. The best roles are narrow, clearly named, and map to how your team actually works — in most cases, directly to job titles.
1. Start with the jobs people do
Build roles around responsibilities, not people. Think about what your team does — returns management, customer support, store settings, read-only reporting — and create a role for each function. Use specific names like "Returns Manager", "Support Agent", or "Read-only Finance". Avoid vague names like "Extra Access" or "Custom Role for Lisa" — they become hard to manage.
2. Give each role only the access it needs
Assign only the permissions a role actually needs. This limits the impact if a user makes a mistake or their account is compromised. A Support Agent might need to view orders and returns, but shouldn't have permission to approve refunds or change store settings.
3. Use a smaller number of clear roles
Most stores need only a handful of roles. Too many creates confusion about who can access what. If two roles are nearly identical, merge them. If one is getting too broad, split it.
4. Assign roles carefully
Users can hold multiple roles — their access is the combined total of all assigned roles. Before stacking roles, check that the combination doesn't grant more than intended. Remove temporary access as soon as it's no longer needed.
5. Review access regularly
Revisit role assignments periodically — especially when someone changes responsibilities or leaves. Access that was appropriate six months ago may no longer be.
FAQs
Will my current team lose access during the migration?
No. We have intentionally created and assigned the three default roles to all users, and assigned them the Basic permissions that provide the same level of access as before.
What happens when the migration finishes?
Once we have finished creating all of the granular permissions, we will remove the Basic permissions from the system. Nobody will gain or lose access, as all roles will automatically have been assigned any relevant newly introduced granular permissions.
How do I know what permissions I have?
Your admin can check the roles assigned to your account and the permissions those roles include. There is no self-service view for your own permissions.
What if I remove access from myself and can no longer manage roles?
Contact our support team who will help you regain access.
Can users have multiple roles, and can a role be assigned to multiple users?
Yes to both. Users can be assigned any number of roles and will have the combined access of all of them. A role can also be assigned to as many users as share the same responsibilities.
Someone has left the team — how do I remove their access?
An admin can remove or un-assign roles from that user's account, or delete the user entirely.
Can I set up temporary access to a feature?
Yes, but not automatically. An admin can assign an additional role temporarily and remove it once it's no longer needed.
Can I create a role for just one person?
You can, but roles based on job responsibilities are easier to maintain than roles built around individuals.
What happens to a user's access when their role is edited?
Changes to a role take effect immediately for all users assigned that role.
What happens if I delete a role that is assigned to users?
Those users will lose the access that role provided. Reassign alternative roles before deleting if their access should be maintained.
Is there an audit trail of permission changes?
The Swap platform tracks all changes within your store — contact our support team if you need an audit trail.









