Advanced Permissions for Magento 2

Magento 2 Advanced Permissions is a powerful module that allows store owners to control user access to sensitive data. This module allows admins to assign custom role permissions to specific managers, restricting access to particular products, categories, and websites. The module allows admins to restrict access based on the website, store view, and category, limiting the ability to create products, restricting users from updating specific product attributes, and allowing access to specific orders, invoices, shipments, and credit memos.

  • Provide sub-administrators with different levels of management permissions
  • Limit access on the Store View, Website, or Category level
  • Restrict the access to product tabs for sub-admins
  • Make selective restrict to product attributes available to sub-admins
  • Create products by type permissions managing
  • Prevent sub-admins from deleting products
  • Show limited customer data that are part of the website admin has access of
  • Add restrictions to manage Orders, Shipments, Invoices, and Credit Memos

Hyvä compatible

The extension is compatible with the Hyvä theme.


Why Do You Need Magento 2 Advanced Permissions?

An online store may have multiple users who log in and manage various store functionality. Every user must have an account with special permissions that limit to only their areas of responsibility.

Among the many advantages that Magento 2 Permissions module provides, the most important is that the extension allows admins to manage multi-stores and assign new custom role permissions to specific managers. These sub-admins can view and edit only particular products, categories, and websites. The module is easy to use and set up; it is a must-have feature for online stores selling sensitive products.

Ability to show only the data available to the sub-admin in the dashboard, showing only the customers from the available website, preventing sub-admins from deleting products, and easy user role management – these are all about this powerful Magento Advanced Permissions plugin.

Key Advantages That Custom Role Permissions Magento 2 Provides

Data security

One of the main criteria for successful online store performance is ensuring data security. With the help of the Advanced Permissions settings, you may improve this criterion and sell more efficiently.

Data accuracy

The Advanced Permissions module assists store owners in restricting access to particular websites' parts to specific users or groups. It interdicts employees from accidentally changing existing records or deleting them if they are not allowed to.

Managing user rights correctly

Each store provides its roles and responsibilities for employees. The Magento 2 Permissions extension empowers admins to configure permissions for each role. It can be a supplier, admin, or sub-admin.

High-level access management

Applying such a system, store owners can be sure that only authorized parties may view and manage sensitive info about their products, invoices, customer orders, etc. This helps to provide maximum access security and prevent external people from intervention. Therefore, the risk of data breach eliminates.

How does the module work?

Restrict admin access based on Website, Store view, and Category

The module provides you an option to restrict admin users and allow them to have access to only specific websites or store views.

Also, you can set restrictions for categories so only specific categories can be accessed by an admin user. 

Restrict the ability to create products

Using the module, you can restrict admin users from creating new products. Also, you can select specific product types that the admin user can only create. 

If you select "Limit ability to Create Product = Yes," and select any specific product type, the admin user can only create the product with the selected type. 

Restrict users from updating specific product attribute

The module allows admin users to be restricted from updating specific product attributes. Using this feature, the sub-admin user having limited store access can only update product attributes with store view scope. 

Restrict access to Orders, Invoices, Shipments, and Credit memos based on their status

The module provides functionality to set restrictions based on the status of orders, invoices, shipments,s and credit memos.

As shown in the image, the admin user will only be able to see orders that have a "Complete" status. 

Similarly, you can restrict Invoices, Shipments, and Credit memos based on their status.

Demo website


We aim to keep our modules regularly updated with new features, bug fixes and compatibility improvements.

Need something else?

We are happy to consider adding new features to our products. Please click below to tell us what you'd like to see.

1.6.2 - June 2nd 2023

*Fixed error when running setup:upgrade command on Magento 2.4.6

*Fixed issue with selecting categories for "Limit Access by Store View/Category"

1.6.1 - December 13th 2022

*Fixed issue with saving attribute on store view level for admin user restricted to specific store

1.6.0 - September 27th 2022

+Added PHP 8.1 compatibility

+Added Magento 2.4.4 compatibility

+Added new functionality to provide admin user permissions based on Order/Invoice/Shipment status

1.5.1 - February 16th 2022

*Fixed issue with price update when it's done by user having limited access

1.5.0 - November 18th 2021

*Fixed the error with pagination of “Attribute Permission“ while adding or editing the User Role

*Fixed the issue with Product creation permissions

1.4.9 - September 13th 2021

*Fixed issue with user role access for Magento Reports

1.4.8 - May 13th 2021

*Fixed a compatibility issue when using MySQL 8.

1.4.7 - October 1st 2020

*Fixed an issue with composer installation dependencies

1.4.6 - May 14th 2020

*Fixed an issue with redundant filtering for sales collections

1.4.5 - April 24th 2020

*Fixed an issue with missing categories buttons

1.4.4 - March 31st 2020

*Fix multistore issues

*Remove unnecessary redirects

1.4.3 - March 9th 2020

*Fix issues related compatability to Magento 2.2.2

*Remove legacy code

*Fix fatal with entity id in collections

1.4.2 - February 10th 2020

+Added backward compatibility with older Magento versions

*Fix showing buttons for products form in admin panel

*Collections sorting issue fixed

*Fixes for changing store views

*Fix fatal on bulk actions

*Fix issue for creating new User role

1.4.1 - January 29th 2020

*Fix issue with Dashboard view for restricted user

*Fix Credit Memo show in grid for restricted user

*Fix data providers issues

*Fixes for store switcher in admin panel

*Fix All Store Views content showing in restricted user

*Fix spellings

1.4.0 - September 27th 2019

+Added compatibility with Magento MSI

+Added possibility to disable creation of specific product types

+Added possibility to disable certain product tabs for a sub-admin

+Added possibility to specify which product attributes are available to a sub-admin

+Added possibility to hide the product attributes not available to a sub-admin, if you want

*Fixed compatibility bugs with Magento 2.3.2

*Fixed display root category bug under restricted user

*Fixed create order select stores issue

1.3.0 - June 22nd 2019

+Added compatibility with Delete/Archive Orders

+Added compatibility with Magento 2.3

*Fixed attributes cache issue

*Fixed grid bug for sub-admins

*Fixed products grid for sub-admins

*Fixed website filtering

*Fixed newsletter subscribers bug

*Fixed filtering issues on Customers and Products grid

*Fixed duplicate product action for sub-admins

*Fixed restrictions for product images

*Made code refactoring

1.2.2 - July 31st 2018

*Fixed a bug with Static content and Production mode deployment.

*Fixed a bug with missing categories and product_websites fields in the Products export file.

*Fixed a bug where Fatal Error appeared during User Role save action.

*Fixed a bug when Sorting and Filtering did not work for sub-admins on the Orders grid.

*Fixed a bug where Orders page did not open for sub-admins.

*Fixed a bug when sub-admins could export Orders info from restricted stores.

*Fixed a bug related to Product Attributes group edit operation.

*Fixed several minor bugs.

*Made code refactoring.

1.2.1 - June 25th 2018

+Improve AP performance on the catalog pages

+Improved general settings

*Fixed filters for sub admin on product grid

*Fixed an issue with DB prefix

*Fixed catalog view tab for sub admin, when category selected

*Fixed a bug related to product save method

*Fixed pagination for sub admin on the product grid

*Fixed incorrect behavior with configurable products

*Fixed an issue with the attribute set

*Fixed for sub admin restricted by store view/category orders wasn’t displayed

*Fixed incorrect category tree in access settings

*Fixed subcategory wasn’t visible for the sub-admin in some cases

*Fixed an issue with ‘new category’ on the product page

*Fixed sometimes tabs a disappears for sub admin

1.2.0 - October 26th 2017

*Fixed an issue with scope on categories page;

*Fixed an issue with a view of categories tree for sub-admins;

*Fixed an issue with attribute saving by sub-admin;

*Fixed an issue with online customers displaying;

*Fixed an issue in DataProvider;

*Fixed an issue with role deleting;

*Fixed an issue with product editing by sub-admin when setting ‘Allow to update global attributes’ is ‘No’;

*Fixed an issue with product assign to website when creating by sub-admin;

*Fixed an issue with product assign to a category which not included in sub-admin scope;

*Fixed an issue with unassign to website(s) when editing product by sub-admin;

*Fixed an issue with customers restriction when placing order through the admin panel by sub-admin.

1.1.2 - October 12th 2016

*Fixed the role settings saving issue when admin password entered is incorrect.

1.1.1 - September 23rd 2016

*Fixed the issue when sub-admin restricted by store view can't create and enable a product

*Fixed the error when saving a product attribute with type dropdown.

1.0.0 - July 22nd 2016

+Extension is compatible with Magento 2.1.

Request a new feature

Why choose Aitoc?

We realise that you have a choice when it comes to suppliers for Magento modules. However, we believe that Aitoc's history and pedigree is second to none.

Our company was founded in 2001, and we've been working with Magento since 2007.

Why choose Aitoc?
22 years old

22 years old

We've been providing Magento modules since 2007. Our company was formed in 2001.

Satisfied clients

Satisfied clients

We've helped more than 30000+ customers in 100+ countries.

High quality software

High quality software

We have built hundreds of modules. We provide our customers with affordable prices and high quality standards.

Professional experienced team

Professional experienced team

Our developers have proven knowledge, and our support specialists have exception problem-solving and communication skills. Together we are always ready to help you.

Impeccable reputation

Impeccable reputation

93% of our clients rate us 5/5 for product and support quality. We have a client-orientated structure to effectively work for all our customers and fit their needs.

Professional services

Professional services

Aitoc is not just about great modules. Our professional services team are ready to help you improve your ecommerce site with a range of optimisation and development services.