Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.arcuserp.com/llms.txt

Use this file to discover all available pages before exploring further.

Role changes affect what users can see, approve, post, ship, refund, configure, and export. Treat custom roles as security controls, not convenience shortcuts.

Open Roles And Permissions

  1. Open Admin.
  2. Choose Roles.
  3. Review the role list.
  4. Use Duplicate on a system role or Create custom role when the defaults do not fit.
Roles and Permissions page with system roles, custom roles, permission counts, assigned users, duplicate and edit actions

Understand System And Custom Roles

  • System roles are Arcus defaults. They are locked so updates stay consistent.
  • Custom roles are entity-specific access profiles created by your admins.
  • Assigned users show whether a role is actively used.
  • Permission count helps compare broad roles to narrow roles.
When a system role is close but too broad, duplicate it and remove the permissions that do not belong. When a system role is too narrow, duplicate it and add only the missing permissions needed for the job.

Create A Custom Role

  1. Choose Create custom role, or duplicate a locked system role.
  2. Enter a name that matches the job, such as AP Clerk, Shipping Lead, or Inventory Auditor.
  3. Add a short description so future admins know why the role exists.
  4. Review each permission group.
  5. Select only the permissions required for the user’s real work.
  6. Save the role.
  7. Assign it from Organization Users or Entity Team.
  8. Review the Role Coverage Report after assignment.
Create custom role page with name, description, grouped permission checkboxes, and Save role button

Permission Groups To Review Carefully

AreaWhy it is sensitive
Users, roles, and organizationCan invite people, remove access, reset MFA, or grant higher access.
Accounting and period closeCan post entries, pay bills, close periods, or change financial statements.
Payments, refunds, and creditsCan move money, reverse money, or change customer balances.
Inventory adjustments and overridesCan change stock and inventory value outside normal workflows.
Returns and fulfillment overridesCan restock, write off, ship, void labels, or bypass operational checks.
Settings and integrationsCan change defaults that affect tax, shipping, email, documents, and connectors.
Audit and reportsCan view sensitive operational or compliance history.
Use a second reviewer for high-risk roles when possible.

Assign Roles Safely

Roles are assigned from user management surfaces.
  • Use Organization Users when inviting a person or managing entity memberships.
  • Use Entity Team for day-to-day role changes inside the active entity.
  • Use Location Access when the user should only work in certain warehouses or locations.
  • Use Custom Permissions only when a one-off override is truly needed.
Prefer a clean custom role over many user-specific overrides. Roles are easier to audit and easier to explain during onboarding and offboarding.

Use Role Coverage Report

Open Admin, then Role Coverage Report. The report shows active users, their role, custom role, and effective permissions after role defaults and overrides are applied.
Role Coverage Report page showing users, roles, and effective permission columns
Use it for:
  • Onboarding review after assigning a role.
  • Offboarding review before removing final access.
  • Quarterly access review.
  • Troubleshooting a permission-denied report.
  • Confirming custom overrides did not grant more access than intended.

Troubleshoot Permission Problems

ProblemCheck
User cannot see a moduleRole permission, module setting, entity membership, and location access.
User can see a page but cannot actAction-level permission may be missing. Review the Role Coverage Report.
User cannot approveApproval workflow settings and the user’s approval-related permissions.
User cannot assign OwnerOnly owner-level users can grant owner-level access.
Custom role changed but user still blockedRefresh the session and verify entity context.
Too many one-off overrides existConvert common override patterns into a clean custom role.

Common Blocks

  • System role cannot be edited: duplicate it, then edit the custom copy.
  • Save is disabled: role name is required.
  • Permission key is confusing: compare it with the page or action the user needs, then verify with Role Coverage.
  • User has access in sandbox but not production: roles are assigned per entity.
  • New location is invisible to a user: update location access after adding the location.
  • Role cleanup is overdue: export or review Role Coverage, remove stale overrides, and deactivate unused custom roles only after users are reassigned.

User Management

Invite users, assign entity access, restrict locations, reset MFA, and manage current entity users.

Organization, Entities, and API Access

Manage organization overview, entities, user access, and organization-level safety controls.

Audit Log and Compliance

Review audit activity, compliance reports, saved filters, and user access history.

Profile and Security

Manage your own profile, PIN, MFA factors, security keys, and recovery options.