What is it?
You now have more control over who can view and edit Orders and Carts in your account. With the latest permissions framework update, these objects are now managed through dedicated roles instead of broad, legacy scopes.
Why does it matter?
This change gives you tighter control and flexibility over who can access sensitive order and cart data. Instead of granting access broadly, you can now decide:
- Which teammates can view Orders and Carts.
- Which teammates can edit them.
This helps protect important data while ensuring the right people have the access they need.
How does it work?
What's New:
- Granular permissions:
orders-viewer,orders-editor,carts-viewer,carts-editorReplaces old permissions likeorders-readorcarts-readthat were tied to general roles. - Default user access has changed:
- Previously: All users could view Orders and Carts by default.
- Now: New users won’t automatically have access unless you toggle it on during user creation or assign them a permission template.Existing users keep their read access and you can toggle it as needed.
- Permission templates updated:
- Standard User → includes
orders-viewer,carts-viewer - View Only → includes
orders-viewer,carts-viewer - Super Admin → unchanged (already had full access)
- Standard User → includes
- “Start From Scratch” option:These users will not have Orders or Carts access by default. You can manually toggle permissions as needed.
How to Use It:
- When creating a new user, decide if they need Orders/Carts access.
- Assign them the Standard User or View Only template for automatic read access.
- Or manually toggle the new permissions.
- For existing users, review and adjust their permissions in User Settings if needed.
- Use Start From Scratch only if you want to build access roles with no default Orders/Carts permissions.
Who gets it?
All hubs and tiers
.png?width=193&name=jos%20(1).png)
