Skip to main content
Some clients want to see everything and make changes themselves. Others just want monthly reports — they hired you so they don’t have to think about the books. And a few want access to things they probably shouldn’t touch. Permissions let you match access to the relationship. Full control for hands-on clients, view-only for oversight, limited access for those who just need to upload receipts. You decide what each client can see and do.

Permission levels

LevelWhat they can do
Full accessView and edit everything (like an owner)
Edit accessMake changes, but can’t modify settings
View onlySee everything, can’t change anything
LimitedSee only what you explicitly share
Portal onlyDocument uploads and messaging only

Setting permissions

1

Open client settings

Go to the client and click Settings → Permissions.
2

Choose base level

Select the default permission level for the client.
3

Customize by area

Override permissions for specific features if needed.
4

Save changes

Changes take effect immediately.

Feature-level permissions

Fine-tune access by area:
FeaturePermission options
TransactionsView / Edit / Hide
ReportsView / Hide
InvoicingView / Edit / Hide
PayrollView / Hide
BankingView / Edit / Hide
DocumentsView / Upload / Hide
SettingsView / Edit / Hide
TeamView / Manage / Hide

Example setups

Hands-off client (you do everything):
  • Base: Portal only
  • Documents: Upload
  • Everything else: Hidden
Oversight client (wants to monitor):
  • Base: View only
  • Documents: Upload
  • Reports: View
Active client (does some work):
  • Base: Edit access
  • Payroll: View only
  • Settings: View only

Client users

A client can have multiple users with different permissions:
RoleTypical permissions
OwnerFull access
CFOFull access
BookkeeperEdit transactions only
ManagerView reports only
AssistantDocument upload only

Adding client users

  1. Go to Client → Settings → Users
  2. Click Invite User
  3. Enter email and select role
  4. Send invitation

Managing client users

You control:
  • Who can access the client portal
  • What role each person has
  • Whether they receive notifications
  • Multi-factor authentication requirements

Sensitive data

Some data requires explicit permission to view:
Data typeDefault visibility
Bank balancesVisible to View+
Transaction amountsVisible to View+
Payroll detailsHidden by default
SSN/EINHidden by default
Bank account numbersHidden by default
Override in Settings → Permissions → Sensitive Data.

Action restrictions

Beyond viewing, control what clients can do:
ActionWho can do it
Create transactionsEdit+ only
Categorize transactionsEdit+ only
Create invoicesEdit+ only
Run payrollRequires specific permission
Connect banksRequires specific permission
Change settingsAdmin only

Audit trail

All permission changes are logged:
  • Who changed what
  • When it changed
  • Previous and new values
View in Client → Settings → Audit Log.

Common questions

No. Internal notes and team comments are never visible to clients unless you explicitly share them.
Never. Each client only sees their own data. There’s no way for clients to access or even know about other clients.
Yes. In feature permissions, expand Reports and choose which specific reports they can access.
You can temporarily upgrade their permissions, then downgrade later. Consider using time-limited access for sensitive situations.

Communicate with clients

Send messages and request documents.