Running an online business can be complex, especially as you grow, add stores, and bring on new team members. With the launch of Organizations and role-based access controls (RBAC), Shopify now provides all merchants across all plans with powerful tools to streamline staff management, centralize operations, and future-proof their businesses as they scale.
What are Organizations?
With Organizations, you can bring all of your Shopify stores together under one umbrella, creating a single place to manage your business. Instead of switching between store accounts and repeating similar tasks across stores, we're enabling Organizations to give a bird's-eye view of billing, user permissions, and store settings from one dashboard. Organizations are more than just a convenience—it's a better way to model your business on Shopify. It's about moving beyond managing individual stores to managing your entire business with clarity and control, saving time and reducing effort as you scale.
If you're a multi-shop owner, you can now easily group two or more stores with the same billing currency into an organization to start managing your business more holistically. There’s now an optional tool in General Settings to help you group your stores in just a few simple steps, so that your stores, users, and billing can be managed from one centralized place in Shopify admin. Visit the Shopify Help Center to learn more about creating your first organization.
Introducing role-based access control
Managing staff permissions and access across multiple stores can quickly become challenging, especially as your business grows and roles evolve. Role-based access control (RBAC) simplifies this process by allowing you to define and assign roles based on specific job functions—such as “Store Manager” or “Marketing Specialist.” For business owners and enterprises with lots of staff, you'll be able to easily create and enforce consistent access among employees with similar job functions.
Simplified user management
With RBAC, you can set up roles that include the necessary permissions for each job function. This eliminates the need to configure individual permissions for each user. For example, when onboarding a new employee, simply choose a role like “Customer Support,” to assign the right permissions instantly. RBAC helps reduce manual work and ensures consistency in how permissions are managed across your organization.
Enhanced flexibility with multiple roles
You can now assign multiple roles to a single user, allowing them to fulfill different responsibilities. For example, a team member might have both “Merchandiser“ and “Marketing“ roles depending on your business needs. This provides flexibility to adjust roles as your business evolves, ensuring every user has the right access.
Efficient user onboarding by groups (available for Shopify Plus only)
Group users with similar roles together to assign permissions in bulk, making it easy to onboard new team members or transition roles within your organization. If you’ve recently hired a customer support representative in a specific region, you can assign them to a “Customer Support-North America” group, and they will share the same permissions and store access configuration as others in that group. This makes it easy to onboard users with the same roles and store access, and to do this at scale for bulk user management.
Explore staff permissions in Shopify admin
How to get started
While your existing workflows and user access will continue without disruption, there are three steps you should take to ensure a seamless transition to the new role-based access control model.
1. Review users with ‘User Management’ permissions
As a store or organization admin, take a moment to review the permissions of staff members who previously had “User Management“ access. Staff with user management permissions may face temporary restrictions until they are reassigned by an organization administrator or owner. For more details, check our help documentation.
2. Migrate users with ‘Legacy Access’
If your organization had used roles in the past, they have now been converted into user groups under the same names and marked with a “Legacy Access“ badge. Create and assign roles to users or groups to remove the badge and transition their access to the new model.
As the organization administrator or owner, you must update permissions for all users by May 1, 2025. After this date, users and groups with legacy access will be automatically migrated to have one role per store, potentially creating many auto-generated roles. For detailed instructions on how to migrate users with legacy access, please visit the Shopify Help Center.
3. Update SCIM provisioning settings
If your organization uses SCIM with an identity provider (IdP) to manage user provisioning, it's important to update your settings to assign user groups instead of individual roles. This change is crucial to maintain continuous, uninterrupted access. For detailed guidance, refer to our updated SCIM user management documentation.
A foundation for growth
Together, the new Organizations and role-based access control model offers a streamlined, cohesive approach to store and user management. Whether you're a merchant running two stores or ten, these updates will help you stay organized and efficient as you scale. You’ll spend less time on operational tasks and more time focusing on growing your business.
