You are here:
Roles and Permissions in B2C Commerce
We recommend limiting access to modules to only users who use the module. To restrict and grant access to modules, use roles and permissions. When properly configured, a user who logs into B2C Commerce sees only the modules required for their job. This eliminates confusion and increases the security of the organization.
Roles
Roles represent groupings of permissions. They're defined in the context of an organization. Assign multiple roles to a user and associate these roles with permissions. A user owns the permissions assigned to each of their roles. B2C Commerce defines sample roles for the SiteGenesis application site, such as the administrator role. This role has permissions on all Business Manager modules below the Administration menu. Create your own roles depending on your specific needs for the site's organization. Check your assigned roles, including instance filters, on the Account Information page in Account Manager.
Permissions
Configure Business Manager module permissions and functional permissions. Module permissions include the ability to transfer, replicate, and edit B2C Commerce data. Also let users log in on behalf of a shopper or as a shopper, which is useful for support. Specify read or write access for most data, for one or more sites or across all sites in an organization.
Functional permissions let a user perform specific functions in B2C Commerce. To edit data, combine functional permissions with Business Manager module permissions. You can also grant WebDAV permissions.
To view a list of all users assigned to a specific permission, audit a permission.
Business Manager Example
This example assumes you have multiple sites and need to assign different levels of permissions for different users.
| User Name | Title | Access Needs |
|---|---|---|
| Marie | VP of Marketing | Views pricing and inventory for all sites. Views content assets for all sites. |
| Traude | Site Merchandiser | View and edit storefront catalog, pricing, and inventory. A site merchandiser is important if there are multiple businesses running on the same realm that don't want to share data. The site merchandiser can only see data for their site, not data for other sites. |
| Lucas | Site Administrator | Can’t view catalog, pricing, or inventory data. Can transfer data via WebDAV. Can replicate data. Can import or export data. Can run jobs. |
| Henry | eCommerce Developer | Needs full access to catalog, pricing, and inventory data across all sites. Permission to transfer data via WebDAV or replicate data. These permissions only function for his sandbox. |
As a first step, create roles.
| Role | Business Manager Permissions | Functional Permissions |
|---|---|---|
| corporate | For each site, add the following site permissions:
|
No permissions assigned. |
| merchandiser | For a specific site, add the following site permissions:
|
Assign these:
|
| site_admin | Add the following organization permissions:
For a specific site, add the following site permissions:
|
Assign these:
|
| developer |
|
No permissions assigned. |
After you have created the roles, assign users to them.
| Role | Permissions |
|---|---|
| Marie | corporate |
| Traude | merchandiser Note If you wanted Traude to be able to view
prices and inventory for all sites, but only be able to edit the data for her site,
you can also add her to the corporate role. |
| Edward | support_rep |
| Lucas | site_admin |
| Henry | developer |
