In Hawaii, e-commerce is not just a luxury; it is a lifeline for reaching customers beyond our shores. Whether you are shipping macadamia nuts to the mainland or selling surf gear to locals, your Shopify store holds your most sensitive customer data. A common “puka” (hole) in security we see is business owners sharing their master login with employees or agencies. This is dangerous. If a disgruntled employee has your master password, they could theoretically shut down your store or redirect your payouts.
Shopify’s permissions system is robust, but it operates differently than WordPress or Wix. It distinguishes between your internal team (“Staff”) and external agencies (“Collaborators”). Here is how to set up access correctly, preserving your security and your sanity.
1. Staff Accounts vs. Collaborator Accounts
Before you click a single button, you must determine who you are adding. Shopify limits the number of “Staff Accounts” based on your plan (e.g., the Basic plan allows only 2 staff members). However, “Collaborator Accounts” for agencies and developers are unlimited and do not count toward your cap.
- Use Staff Accounts for: Employees, warehouse packers, customer service reps, or store managers who work directly for you.
- Use Collaborator Accounts for: Web designers, SEO agencies, or marketing consultants. Do not waste a staff seat on them. Instead, give them your unique “Collaborator Request Code” and ask them to request access from their own Partner Dashboard.
2. Adding a Staff Member
For internal employees, you will manually create their profile. This process ensures they have their own login credentials and you can track their actions in the store’s “Activity Log.”
- Log in to your store admin (usually yourstore.myshopify.com/admin).
- Click on Settings in the bottom left corner.
- Select Users and permissions.
- Click the green Add staff button.
- Enter their full name and a specific business email address. Avoid using personal Gmail addresses if possible; keep it professional.
3. Assigning the Kuleana (Responsibilities)
Shopify does not use broad role names like “Editor” by default; instead, it offers a granular checklist of permissions. You must hand-pick exactly what this person can touch. This concept aligns with “Kuleana”—giving them the privilege and responsibility for their specific area, but nothing more.
| Role / Job Function | Recommended Permissions | What to Exclude |
|---|---|---|
| Store Manager | Orders, Products, Customers, Discounts, Store Settings. | Exclude “Edit permissions” (so they can’t lock you out) and “Billing” (unless they pay the bills). |
| Fulfillment / Packer | Orders (Manage and Export), Products (View only). | Exclude “Online Store” (Themes) and “Customers” (Exporting customer lists is a data risk). |
| Social Media Marketer | Online Store (Blog posts, Pages), Marketing, Discounts. | Exclude “Orders” and “Financials”. They do not need to see your daily revenue. |
| Developer (Internal) | Online Store (Themes), Apps and Channels. | Exclude “Owner” rights and sensitive customer PII (Personally Identifiable Information) if not necessary. |
4. Managing External Agencies (Collaborators)
If you are hiring a pro to fix your “Liquid” code or speed up your site, do not add them as staff. Instead, enable a “Collaborator Request Code” to prevent spam requests.
- Go to Settings > Users and permissions.
- Scroll down to the Collaborators section.
- Ensure “Only people with a collaborator request code…” is checked.
- Generate a 4-digit code and send this to your agency. They will use it to send a formal request to your dashboard, which you must approve. This keeps you in the driver’s seat.
5. Revoking Access
When an employee moves off-island or leaves the company, immediate action is required. Because Shopify is cloud-based, a terminated employee with active credentials can access your customer data from anywhere in the world.
- Navigate back to Settings > Users and permissions.
- Click on the staff member’s name.
- Scroll to the bottom and click Remove staff account. This immediately kills their active session.
- For Collaborators, simply delete the entry in the Collaborator section to revoke the agency’s access.
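
The table in section 3 and the offboarding steps in section 5 can be turned into a periodic review. The following is an added example, not Shopify's own code: the permission labels are copied from the table, while the `Staff` record layout, the `audit` function and the sample accounts are assumptions constructed for illustration (this is not a Shopify export or API format).

```python
from dataclasses import dataclass

# "What to Exclude" column from section 3, keyed by job function.
# Assumption: "Customers" stands in for customer PII on the developer row.
EXCLUDED = {
    "Store Manager": {"Edit permissions", "Billing"},  # Billing is fine if they pay the bills
    "Fulfillment / Packer": {"Online Store", "Customers"},
    "Social Media Marketer": {"Orders", "Financials"},
    "Developer (Internal)": {"Owner", "Customers"},
}

@dataclass
class Staff:
    email: str
    role: str
    granted: set
    active_employee: bool = True  # set to False when the person leaves

def audit(staff_list):
    """Return (email, finding) tuples, in the order the accounts are listed."""
    findings = []
    for s in staff_list:
        if not s.active_employee:
            # Section 5: a departed employee must not keep a login.
            findings.append((s.email, "departed: remove staff account"))
            continue
        if s.email.lower().endswith("@gmail.com"):
            # Section 2: prefer a business address over personal Gmail.
            findings.append((s.email, "personal address: use a business email"))
        excluded = EXCLUDED.get(s.role)
        if excluded is None:
            findings.append((s.email, "unknown role: review by hand"))
            continue
        for perm in sorted(s.granted & excluded):
            findings.append((s.email, f"{s.role} should not hold {perm}"))
    return findings

# Constructed sample accounts (not real data).
SAMPLE = [
    Staff("manager@example.com", "Store Manager",
          {"Orders", "Products", "Customers", "Discounts", "Store Settings", "Billing"}),
    Staff("packer@example.com", "Fulfillment / Packer", {"Orders", "Products"}),
    Staff("social@gmail.com", "Social Media Marketer", {"Marketing", "Discounts", "Orders"}),
    Staff("former@example.com", "Fulfillment / Packer", {"Orders"}, active_employee=False),
]

if __name__ == "__main__":
    for email, finding in audit(SAMPLE):
        print(f"{email}: {finding}")
```

Fill the list by hand from Settings > Users and permissions each time someone joins, changes role, or leaves.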