Why Individual Staff Accounts Matter
Sharing a single admin login among multiple team members is one of the most common and most dangerous mistakes Shopify store owners make. When everyone uses the same login, you have no accountability for who made what change, no ability to restrict access to sensitive information, and no way to revoke a single person's access when they leave the team.
Individual staff accounts solve all of these problems. Each team member gets their own login credentials, their own set of permissions tailored to their role, and their own activity trail that you can audit. If a customer service rep accidentally deletes a product or a marketing manager misconfigures a discount, you can see exactly who did it and when.
Permissions are the key benefit. A fulfillment team member needs access to orders and inventory but should not be able to change your theme, modify shipping settings, or access financial reports. A content writer needs access to blog posts and pages but not to customer data or payment information. Staff accounts let you enforce the principle of least privilege — each person gets the minimum access needed for their role.
For security, individual accounts mean you can revoke a single person's access instantly when they leave your team, without changing passwords that everyone else uses. This is especially critical when working with freelancers, virtual assistants, or seasonal staff who may have shorter tenures with your business.
Creating a Staff Account
Step 1: Go to Settings > Users and permissions in your Shopify admin.
Step 2: Under "Staff," click "Add staff." Enter the team member's email address and their first and last name.
Step 3: Set their permissions. Shopify shows a comprehensive list of permission categories with checkboxes. Select only the permissions this person needs for their role (see the Roles section below for recommended permission sets).
Step 4: Click "Send invite." The team member receives an email with instructions to create their Shopify account and set a password. They do not use the store owner's credentials.
Step 5: Once the team member accepts the invitation and creates their account, they can log in to your Shopify admin with their own credentials. They will only see the sections they have permission to access — other areas will be hidden from their view.
After setup, verify the staff member can access what they need and cannot access what they should not. Log in with their credentials (or ask them to confirm) and spot-check that the permissions are working correctly.
Understanding Permission Groups
Shopify organizes permissions into several categories. Here is what each controls:
Home: Access to the Shopify admin home page and overview dashboard. Almost everyone should have this permission as it provides a general overview of store activity.
Orders: View, create, edit, and fulfill orders. Sub-permissions include managing draft orders, editing orders, and marking orders as paid. Fulfillment staff need view and fulfill; customer service needs view and edit; management needs full order access.
Products: View, create, edit, and delete products, collections, and inventory. Content managers and merchandisers need this. Be careful with delete permissions — accidental product deletion can be disruptive.
Customers: View and manage customer information, including contact details, order history, and tags. Customer service teams need this; marketing teams may need view-only access for segmentation.
Content: Manage blog posts, pages, and navigation menus. Content writers and marketing managers need this. It does not include theme editing, which is a separate permission.
Analytics: View reports and analytics dashboards. Management and marketing teams typically need this. Financial reports may show revenue data you want to restrict from some team members.
Marketing: Manage marketing campaigns, automations, and discounts. Marketing team members need this. Discount creation should be carefully controlled since misconfigured discounts can cost significant revenue.
Online Store: Edit themes, manage domains, and configure the online store. This includes theme code editing, which is a powerful and potentially destructive capability. Restrict this to developers and store owners.
Settings: Access to store settings including taxes, shipping, payments, and billing. This should be restricted to store owners and senior management only.
Recommended Roles and Permission Sets
Here are five common roles with their recommended permission sets:
Customer Service Representative: Home, Orders (view and edit, not delete), Customers (view and edit), Content (view only). This lets them handle customer inquiries, update orders, process returns, and look up customer information without accessing financial data or store settings.
Fulfillment Team Member: Home, Orders (view and fulfill), Products (view inventory). This gives them exactly what they need to pick, pack, and ship orders and check stock levels without accessing anything else.
Marketing Manager: Home, Orders (view only), Products (view and edit), Customers (view only), Content (full access), Analytics (full access), Marketing (full access). This enables campaign management, content creation, and performance analysis without settings or financial access.
Store Manager: All permissions except Settings and Online Store theme editing. Managers need broad access to run day-to-day operations but should not modify core store configuration without the owner's involvement.
Developer: Home, Products (view only), Online Store (full access including theme editing). Developers need theme access but should not process orders, access customer data, or modify business settings.
These are starting points — adjust based on your specific team structure and needs. The key principle is: if a team member does not need a permission for their daily work, do not grant it. You can always add permissions later if a role expands.
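One way to check accounts against the role sets above is to keep them as data and diff each account's grants against its role baseline. This is an added example, not Shopify code: the permission labels, the roster format and the `on_team` flag are hypothetical, the roster is constructed, and only three of the five roles are encoded.

```python
# Added example: compare each staff account's granted permissions with the
# role baselines from this guide. The permission labels ("orders:view", ...)
# and the roster format are hypothetical, not Shopify identifiers or exports.
ROLE_BASELINES = {
    "customer_service": {"home", "orders:view", "orders:edit",
                         "customers:view", "customers:edit", "content:view"},
    "fulfillment": {"home", "orders:view", "orders:fulfill", "products:view"},
    "developer": {"home", "products:view", "online_store:full"},
}

# Constructed sample roster, kept by hand from Settings > Users and permissions.
ROSTER = [
    {"email": "ana@example.com", "role": "customer_service", "on_team": True,
     "granted": {"home", "orders:view", "orders:edit", "customers:view",
                 "customers:edit", "content:view"}},
    {"email": "ben@example.com", "role": "fulfillment", "on_team": True,
     "granted": {"home", "orders:view", "orders:fulfill", "products:view",
                 "settings:full"}},
    {"email": "cy@example.com", "role": "developer", "on_team": False,
     "granted": {"home", "products:view", "online_store:full"}},
    {"email": "dee@example.com", "role": "intern", "on_team": True,
     "granted": {"home"}},
]

def review(roster, baselines):
    """Return (email, finding) tuples for accounts that need action."""
    findings = []
    for acct in roster:
        if not acct["on_team"]:
            # The person has left but the account is still listed: remove it.
            findings.append((acct["email"], "remove: departed staff still has access"))
            continue
        baseline = baselines.get(acct["role"])
        if baseline is None:
            # A role nobody defined a permission set for cannot be reviewed.
            findings.append((acct["email"], f"no baseline for role '{acct['role']}'"))
            continue
        excess = sorted(acct["granted"] - baseline)
        if excess:
            findings.append((acct["email"], "excess: " + ", ".join(excess)))
    return findings

if __name__ == "__main__":
    for email, finding in review(ROSTER, ROLE_BASELINES):
        print(f"{email}: {finding}")
```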
Enforcing Two-Factor Authentication
Two-factor authentication (2FA) adds a critical security layer to staff accounts. Even if a password is compromised, the attacker cannot access the account without the second factor.
How it works: After entering their password, the staff member must provide a second verification — typically a code from an authenticator app (like Google Authenticator or Authy) or a hardware security key. This ensures that knowing the password alone is not sufficient for access.
Enabling 2FA for staff: Shopify allows the store owner to require 2FA for all staff accounts. Go to Settings > Users and permissions and enable the option to require 2FA. Once enabled, all staff members must set up 2FA on their next login.
Individual setup: Staff members can also enable 2FA on their own account without a store-wide requirement. Encourage or mandate that all team members activate 2FA immediately after accepting their staff account invitation.
Backup codes: When setting up 2FA, staff should save their backup codes in a secure location. These codes allow login if the authenticator app is unavailable (lost phone, factory reset). Without backup codes and without the authenticator, the staff member will be locked out and will need the store owner to reset their 2FA.
Auditing Staff Activity
Shopify maintains a timeline of actions taken in your admin, which you can use to track staff activity:
Order timeline: Each order has a timeline showing who viewed it, who edited it, who fulfilled it, and any notes added. This is the most detailed activity log and is essential for resolving disputes about order handling.
Product change history: Product edits are tracked in the product timeline. You can see who changed a price, updated a description, or modified inventory. This helps identify the source of errors when product data seems wrong.
Shopify admin activity log: On Shopify Plus, the organization-level activity log provides a comprehensive audit trail of all admin actions across all stores. Standard plans have less centralized logging but still track key activities in individual section timelines.
Regular audits: Schedule monthly reviews of staff activity. Look for unusual patterns: orders edited outside business hours, bulk product changes without corresponding requests, discount codes created without approval. Early detection of anomalies prevents larger issues.
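The three patterns named under "Regular audits" can be checked mechanically once activity is written down as events. This is an added example, not part of Shopify: the event tuple layout, business hours, bulk threshold and the approval and request lists are all assumptions, and the events are constructed.

```python
# Added example: flag the patterns named above in a constructed activity list.
# Event fields, business hours, the bulk threshold and the approval/request
# records are assumptions, not a Shopify export format.
from collections import Counter
from datetime import datetime

BUSINESS_HOURS = range(9, 18)      # assumed 09:00-17:59 store-local time
BULK_THRESHOLD = 3                 # assumed: 3+ product edits per person per day
APPROVED_DISCOUNTS = {"SPRING10"}  # discount codes with a recorded approval
REQUESTED_BULK = {("2024-03-04", "mia@example.com")}  # (day, staff) with a request

EVENTS = [  # constructed sample, transcribed from order and product timelines
    ("2024-03-04T10:15", "mia@example.com", "product_edit", "sku-1"),
    ("2024-03-04T10:16", "mia@example.com", "product_edit", "sku-2"),
    ("2024-03-04T10:17", "mia@example.com", "product_edit", "sku-3"),
    ("2024-03-05T02:40", "raj@example.com", "order_edit", "#1042"),
    ("2024-03-05T11:00", "raj@example.com", "order_edit", "#1043"),
    ("2024-03-05T14:05", "lee@example.com", "discount_create", "SPRING10"),
    ("2024-03-06T16:30", "lee@example.com", "discount_create", "VIP50"),
    ("2024-03-06T13:00", "lee@example.com", "product_edit", "sku-7"),
    ("2024-03-06T13:01", "lee@example.com", "product_edit", "sku-8"),
    ("2024-03-06T13:02", "lee@example.com", "product_edit", "sku-9"),
]

def audit(events):
    """Return (rule, staff, detail) tuples for events worth a manual look."""
    findings = []
    edits_per_day = Counter()
    for ts, staff, action, detail in events:
        when = datetime.fromisoformat(ts)
        if action == "order_edit" and when.hour not in BUSINESS_HOURS:
            findings.append(("after_hours_order_edit", staff, detail))
        elif action == "discount_create" and detail not in APPROVED_DISCOUNTS:
            findings.append(("unapproved_discount", staff, detail))
        elif action == "product_edit":
            edits_per_day[(ts[:10], staff)] += 1
    # Bulk edits are only known once the whole day has been counted.
    for (day, staff), n in sorted(edits_per_day.items()):
        if n >= BULK_THRESHOLD and (day, staff) not in REQUESTED_BULK:
            findings.append(("bulk_product_edit", staff, f"{n} edits on {day}"))
    return findings

if __name__ == "__main__":
    for rule, staff, detail in audit(EVENTS):
        print(f"{rule}: {staff} ({detail})")
```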
Managing Staff Account Lifecycle
Onboarding: When a new team member joins, create their account with appropriate permissions before their start date. Send the invitation and provide documentation on your Shopify processes and conventions. Schedule a walkthrough of the relevant admin sections they will use.
Role changes: When a team member's role changes (promotion, transfer, new responsibilities), update their permissions immediately. Go to Settings > Users and permissions, click on the staff member, and adjust their permission checkboxes. Do not wait — outdated permissions create either unnecessary risk (too much access) or productivity blockers (too little access).
Offboarding: When a team member leaves, immediately revoke their account. Go to Settings > Users and permissions, find their account, and click "Remove." This is critical — a former employee with active credentials is a significant security risk. Revoke access the same day they leave, or even before if the departure is not amicable.
Seasonal staff: For temporary or seasonal team members, create accounts with minimal permissions and set a calendar reminder to revoke access when their engagement ends. Do not leave dormant accounts active indefinitely.
Collaborator Accounts for Partners and Developers
Shopify has a separate account type for external collaborators like freelance developers, Shopify Partners, and agencies. Collaborator accounts differ from staff accounts in important ways:
How collaborator accounts work: External partners request access through the Shopify Partner dashboard. You receive a request in Settings > Users and permissions under "Collaborators." Review the request, set their permissions, and approve or deny access.
Advantages over staff accounts: Collaborator accounts do not count against your staff account limit. They can have their own permission set. They are clearly labeled as external collaborators in your admin. And they automatically expire when the collaborator removes themselves from the store.
When to use collaborator accounts: Always use collaborator accounts for external parties — freelancers, agencies, app developers who need admin access for setup or troubleshooting. Never create a regular staff account for an external party, as this uses one of your limited staff slots and provides less visibility into their access.
Permission recommendations for collaborators: Grant the minimum permissions needed for their task. A developer customizing your theme needs Online Store access. An app setup consultant might need Products and Settings access. Revoke access (or ask them to remove themselves) when the project is complete.
Security Best Practices
Unique passwords: Require each staff member to use a unique, strong password for their Shopify account. Passwords should be at least 12 characters with a mix of letters, numbers, and symbols. Recommend a password manager like 1Password or Bitwarden.
Regular permission reviews: Every quarter, review all staff accounts and their permissions. Remove accounts for people who have left, reduce permissions for people who have changed roles, and verify that no account has more access than needed.
Separate accounts for POS: If you use Shopify POS, create separate POS-only accounts for in-store staff. These accounts have limited online admin access but can operate the point-of-sale system. This prevents retail staff from accidentally modifying online store settings.
Session management: If a staff member reports a compromised account, immediately change their password, remove their account, and review the activity log for any unauthorized changes. Create a new account for them after the security issue is resolved.
Document your access policy: Create an internal document listing who has access, what permissions they have, and the process for requesting access changes. This formalization prevents ad-hoc permission grants that accumulate over time and create security gaps.
Frequently Asked Questions
How many staff accounts can I create on each Shopify plan?
Staff account limits vary by plan: Basic allows 2 staff accounts, Shopify allows 5, Advanced allows 15, and Shopify Plus allows unlimited. These limits do not include collaborator accounts, which are unlimited on all plans. If you need more staff accounts than your plan allows, you can either upgrade your plan or use collaborator accounts for external team members who currently occupy staff slots.
Can a staff account access multiple Shopify stores?
No. Each staff account is specific to one Shopify store. If a team member works across multiple stores, they need separate staff accounts for each store, each with their own login credentials. Shopify Plus organizations can manage multiple stores under one login using the organization-level admin, but standard plans require separate accounts per store.
What is the difference between a store owner and a staff account?
The store owner account is the original account that created the Shopify store. It has unrestricted access to everything including billing, plan changes, and the ability to close the store. Staff accounts have configurable permissions and cannot access billing or change the store plan. There can only be one store owner, but ownership can be transferred to another person if needed.
Can staff accounts install apps?
Staff accounts can install apps if they have the Apps permission. However, app installation often requires approval from the store owner for apps that access sensitive data or have recurring charges. It is generally best to restrict the Apps permission to management-level staff to prevent unauthorized app installations that could impact store performance or security.
How do I transfer store ownership?
Go to Settings > Users and permissions, scroll to the Store owner section, and click "Transfer ownership." Enter the email of the person you want to transfer to. They must already be a staff member on the store. Once transferred, the previous owner becomes a staff account with full permissions, and the new owner takes control of billing and plan management.