Roles & Permissions
Overview
Everyone who signs in to the admin console or the POS does so as a user with a role — and that role decides what they can see and do. A cashier shouldn't reach your tax settings; an accountant only needs sales figures. Roles draw those lines for you.
Rewardly ships with sensible defaults for each role, so most merchants never touch permissions at all. When you do need finer control, the Role-Permissions matrix lets you adjust exactly which actions each role can perform.
This page covers both the roles themselves and the two screens that govern them — the Role-Permissions matrix (admin side) and POS Users (the till side).
The roles
A user's role is set on their staff account — see Staff Accounts. These are the roles Rewardly recognises:
| Role | Who it's for |
|---|---|
| superAdmin | Rewardly staff. Full access, including screens hidden from everyone else. You won't assign this. |
| merchantAdmin | The business owner or manager — full run of the admin console for their merchant. |
| outletAdmin | A manager for one outlet — runs that branch without merchant-wide settings. |
| outletRegisterAdmin | A till-level supervisor. In the orders list, the Outlet and Register filters are hidden for this role. |
| cashier | Front-line POS staff who ring up sales and take payment. |
| accountant | Finance staff. Sees sales and reports — and only those (see below). |
| conciergeService | Concierge-desk staff running the stamp/concierge flow on the POS. |
| waiter | Table-service floor staff. Can be limited to specific tables. |
Roles are fixed; permissions are tunable
You can't invent new role names. What you can do is reshape what each existing role is allowed to do, using the Role-Permissions matrix below.
How permissions work
Behind the scenes every protected action runs through one check — is this role allowed to do this thing to this resource? That single rule governs:
- Which items appear in the sidebar.
- Whether the Create, Edit, Show, Delete, and bulk buttons show up on a list.
- Whether a screen opens at all — a blocked screen shows a Permission Denied panel instead of its contents.
- Several POS-app abilities (refunds, discounts, admin access).
The defaults are built in. The Role-Permissions matrix lets a superAdmin override those defaults per merchant.
Some screens are locked to Rewardly staff
A few menu items are hard-locked to superAdmin regardless of the matrix — notably Role Permissions itself and the Manual PayNow report. Adjusting permissions can't unlock these.
Separately, the accountant role is redirected straight to the Sales Summary report on sign-in — it never lands on the dashboard.
The Role-Permissions matrix
superAdmin only
This screen is visible only to Rewardly staff. If you need a role's permissions changed, contact Rewardly support and we'll set it up with you.
The matrix is the single source of truth for every permission check across the admin console and the POS. Open it from the sidebar at Role Permissions.
What it looks like
- Pick a role from the chips at the top — the grid below shows that one role's permissions.
- Resources are the rows, grouped into two scopes — ADMIN and POS ACCESS — inside collapsible category cards. Each row carries a scope chip (admin / pos / both) showing which app that resource governs.
- Actions are the columns, in this order: Show, List, Create, Edit, Delete, Bulk Delete — plus any extra actions a resource supports (for example, Import Users on the members resource). Hover an action for a tooltip explaining it.
- A cell that's been changed from its built-in default is shown amber and bold, so you can see at a glance what's been customised.
Saving and resetting
| Control | What it does |
|---|---|
| Save (N) | Saves your changes. The number is how many unsaved overrides differ from the last saved version. A success toast confirms "Role permissions saved". |
| Reset to defaults | Reverts the selected role to Rewardly's built-in defaults. A confirm dialog ("Reset N overrides for <role>") guards it. |
Changes are stored per merchant, so one merchant's overrides never affect another.
A note on menu visibility
Permissions decide most of what a role sees, but a handful of sidebar groups also carry their own fixed role lists on top of the matrix. So even with a generous matrix, a role may still not see, say, the Rewardly POS report group if it isn't on that group's list — and the superAdmin-only items stay hidden no matter what.
POS Users
The matrix governs the admin console. POS Users governs the till. It maps a platform user to POS access and sets what they can do once they're logged in to a register.
Open it from the sidebar at POS Users, then Create.
Linking a user
| Field | What it does |
|---|---|
| User | Search for and link an existing user — by name, phone, email, or role. |
| PIN Code | The staff member's POS login PIN. (Editable when you edit the record, not on first create.) |
| Is Active | Turns this POS account on. |
POS permissions
Every POS user carries five permission toggles. All default on — switch off the ones a given staff member shouldn't have.
| Toggle | What it allows |
|---|---|
| Open Discount | Apply a manual amount or percentage discount at the POS. |
| Program Discount | Apply your pre-built discount programs. |
| Can Access Admin | Open admin settings from inside the POS app. |
| Can Refund | Process refunds against an order. |
| Can Open Cash Drawer Without Pin | Pop the cash drawer without entering a PIN first. |
Assigned Tables (waiter role)
The Assigned Tables section only matters for users whose role is waiter and who belong to an outlet. It limits a waiter to a slice of the floor.
- For most outlets you pick tables from a multi-select autocomplete.
- When the outlet has 24 tables or fewer, you instead get grouped section checkboxes — tick whole table sections at once.
- Leave it empty to assign all tables. The helper text walks you through each state ("Select an employee first", "waiter only", "N selected", and so on).
Waiter only
Non-waiter users can't have table assignments — the section stays inert for them. Table assignment also depends on the outlet having tables and sections set up. See Table Service.
How POS permissions surface on the till
The toggles above aren't abstract — they change what a cashier sees in the POS app:
- Can Refund decides whether the refund action is available when reviewing an order — see Order Management.
- Open Discount and Program Discount gate the discount controls on the sale screen.
- Can Access Admin decides whether staff can reach admin settings from the tablet at all.
A user without the right toggle simply won't find the button. There's nothing to hide manually — set the toggle and the POS does the rest.
Bean & Brew example: the owner is a merchantAdmin with every POS toggle on. The weekend cashier is a cashier with Open Discount and Can Refund switched off, so they can ring up sales and take payment but can't discount a bill or reverse a charge without a manager.
Related
- Staff Accounts — create the users that roles attach to.
- POS Overview — how permissions shape the till experience.
- Order Management — where refund permissions take effect.
- Table Service — waiter table assignments in action.
- Attendance — clock-in tracking for the same staff.
- Admin Console Overview — the rest of the merchant console.