Administrator roles

Administrator roles are user roles managed by Shopify that you can assign to users. Administrator roles are high-trust roles that grant users store-level or organization-level permissions, including sensitive permissions.

You can assign administrator system roles to multiple users in your organization in addition to any custom store or organization roles.

Description of administrator roles

You can assign any of the following administrator roles to users in your store or organization.

Administrator role

The Administrator role is a high-trust store role that grants the following store permissions:

• View, create, edit, and delete all resources for the store, including finance resources.
• Access to all POS locations.
• User management, including the following permissions:
• View, create, edit, and delete users and roles.
• Assign and remove roles to users.

The Administrator role has the following permission limitations:

• Users with this role can't change ownership of a store.
• Permission restrictions, such as the Restrict permissions to assigned company locations store permission, don't apply to this role.

Organization administrator role

The Organization administrator role is a high-trust organization role that grants permissions for almost all features and resources in your organization and all stores in the organization, including user management. The Organization administrator role has the following permission limitations:

• Users with this role can't perform ownership changes.
• This role can be assigned only by the organization owner and users with the Organization administrator role.
• Permission restrictions, such as the Restrict permissions to assigned company locations store permission, don't apply to this role.

Store user administrator role

The Store user administrator role is an organization role that grants user management permissions for specific stores within your organization.

Users with this role can manage all users in their assigned stores. The Store user administrator role has the following permission limitations:

• This role doesn't grant users access to any of the following organization-level user management tasks:
  • Create or edit user roles.
  • Delete users from an organization.
  • Assign organization-level user roles, such as the Organization administrator.
  • Create, edit, delete, assign, or remove users from groups.
  • Suspend users.
• Users with this role can't view, create, edit, or delete non-user resources, such as products or orders.