User roles let you control what your staff can see and do across your POS and Back Office. Whether you're using default roles or creating your own, it's the easiest way to manage access — without needing to configure each user one by one. Roles can be assigned individually or in bulk, saving you time as your team grows.
What's in this guide?
- Default user roles
- Creating a custom user role
- Assigning a role to a single user
- Assigning a role to multiple users
- When to use a role vs. manual permissions
- Frequently Asked Questions
- What's next?
Default user roles
Lightspeed O-Series includes four built-in roles you can use right away:
-
Admin
Admin users have full access to all permissions. They can manage your products and pricing, update user settings, and view invoices for your Lightspeed subscription — but they can’t change your plan or delete the account.Note: This role provides extensive control over your business. Only assign it to trusted staff. -
Front of house
Intended for staff who serve customers and process orders. This is the default role assigned to all new users. It includes the essential POS permissions to take payments, hold orders, apply adjustments, and record wastage.Note: More advanced functions — like applying discounts, deleting held orders, or accessing takings — require a custom role or manual permission changes. -
Back of house
Designed for staff who manage stock or production. This role allows access to stocktakes, supplier management, recipe and batch prep, and recording wastage. POS access is included for clocking in and out, but not for processing sales. -
Bookkeeper
Designed for accountants or advisors who need visibility into financial data. This role provides read-only access to Back Office reports, billing invoices, and your Insights account. It does not include POS access or the ability to create or edit data.
Creating a custom user role
Custom user roles allow you to define a set of permissions tailored to your business needs.
Note: Only Admins can create, edit, or delete custom roles. This section is not visible to other users.
- Go to Back Office → People → User Roles.
- Click New role.
- Enter a name and description for the role.
- Toggle on the permissions you want the role to include.
- Click Create role.
Assigning a role to a single user
To assign a role to a single user:
- Go to Back Office → People → Users.
- Click the settings icon next to a user’s name.
- Scroll to the Permissions section.
- Select Assign user role, then choose a role from the list.
- Click Save changes to confirm.
Roles apply across all sites the user has access to within the company.
Assigning a role to multiple users
To assign a role to more than one user:
- Go to Back Office → People.
- Tick the checkboxes next to the users you want to update.
- Click Assign role — a pop-up will appear with available roles.
- Select a role from the list, then click Assign role to confirm.
Want to update more than just roles? See our guide on Bulk User Actions for making multiple changes at once.
When to use a role vs. manual permissions
For most businesses, user roles are the best way to manage access. They’re faster to assign, easier to review, and help keep your staff permissions consistent.
Manual permissions can be used in specific cases, but they’re harder to manage — especially as your team grows.
| Use roles when... | Reason |
|---|---|
| You’re setting up staff at a new venue | Assigning roles saves time and keeps access consistent across your team. |
| You want to audit who can do what | You can filter by role on the Users page to quickly check and update access without opening every user profile. |
| You manage a team across multiple sites | Roles help you apply the same access rules quickly, even for large teams. |
| Use manual permissions when... | Reason |
|---|---|
| You have a small number of staff with unique needs | It may be quicker to tweak their permissions than create a whole new role — but if you’re doing this often, roles are the better option. |
Frequently Asked Questions
Only Admin users can create, edit, or delete custom roles. Other users won’t see the User Roles page in the Back Office unless they have Admin access.
No. Default roles are fixed and can’t be changed or removed. They’re always available as a quick way to assign common permission sets. If you need something more specific, you can create a custom role instead.
Not at the moment. You’ll need to create a new role and manually select the permissions you want.
Yes. Any permission you can assign manually — including those for Purchase, Produce, and Insights — can also be included in a role. For example, the Back of house role includes Purchase and Produce access, while Bookkeeper includes Insights reporting.
Yes. You can set up a role for a new user before they’ve logged in. Their access will apply as soon as they accept the invite.
You can only manage users who have access to the same sites as you. You also won’t be able to assign a role that includes permissions you don’t have yourself. If you need to update roles or users outside your access level, an Admin can help.
Yes, unless the other Admin is the site or company owner.
All users assigned to that role will automatically receive the updated permissions. There’s no need to update them individually.
Their role will switch to Unassigned, and their access will be managed manually. If they previously had manual permissions, those will be restored. If they had a different role before the one that was removed, their access will match that role’s permissions instead.
No. Custom roles are company-specific. If you manage multiple venues or brands, you’ll need to create the same role in each company.
Yes. If a user has access to the Back Office and permission to view users, they can see roles listed in the People → Users section.
No. You can create as many roles as you need to suit your team.
What's next?
Now that you understand how roles work, you may want to: