Happy Business Starts Here

Read-only user account (Z-Billing and Z-Payments)

Feature Request: Read-only user account (Z-Billing and Z-Payments)

Status: Under evaluation

Reference Number: DE3850

Business Need:  

Read-only user account (Z-Billing and Z-Payments)

Currently, user can create new role for Z-Payments and uncheck all the Z-Payments permissions making it a read-only user but on the Z-Billing side, even though we uncheck the Z-Billing permissions, user can still create: *create account *create product *create report *create BR *create subscription  Making it not a full read-only user role.

7 Comments
Community Manager
Status changed to: More Feedback Needed
 
Community Manager
Status changed to: Under Consideration
 

Efforts around permissions / read-only also need to incorporate Custom Field permissions.  It is no less important to protect custom fields from update that any other field or transaction.  There can be critical pieces of data stored that have far-reaching impacts (for example used in GL segmentation and mapping) that can currently be updated by ANY PERSON with Platform UI access.  For example, why should a clerical person assigned to input external refunds have the ability to change an "account type" or "business entity" custom fields on the account, which in our tenant are critical for managing multi-org balance sheet assignement.

Honor Student

As a note we have also played around trying to create a "read only" account, by creating a role and unchecking everything.. We were still able to download customer accounts/product catalog/payments/etc. into excel, and we were also able to import files, which would ultimately update all accounts, this was the major red flag we found when trying to implement.  In the read only account, all abilities to import documents would need to be turned off. 

Zuora Staff

@Kstahl thank you for the feedback and yes, what you observed is the current behavior. True read-only accessible is still under research and our Product Management team will keep this forum updated once we have the ETA or any development.

To clarify prior comment, our team believes the first priority is a true read-only platform role that cannot do anything to update data.

 

The desire to further refine permissions at a custom field level (e.g. so role A can do updates including custom field X, while role B can do updates but not custom field X) is of lesser importance than the main need.

Tutor

While WEX uses Zuora for subscription maintenance and reporting only, it would be extremely beneficial to us to have a 'Read Only' user role created to allow for others to view data in the system but not edit adjust the subscription level information.