High-Risk Permissions Now Available!
2024 is the year of BigCommerce delivering features that improve the user experience of customers and partners alike.
First up? The availability of High-Risk permissions!
What are High-Risk permissions?
This new functionality allows store owners to grant permission to other store users to install and manage applications. Previously, the ability to give non-store owning users permissions to manage API keys was released last year, you can read this blog if you aren't familiar with those, and this release provides a new set of permissions to manage applications.
The High-Risk permissions setting allows store owners to grant individual users or developers access to the High-Risk permissions listed below:
Create Store-level API accounts
List store-level API accounts
Delete store-level API accounts
Install applications
Uninstall applications
Launch applications
Additionally, high-risk permissions have the added benefit of increasing account security, as store owners' account information no longer needs to be shared with the agency or developer.
Enabling High-Risk permissions
Follow these instructions to enable High-Risk permissions for a user:
Step 1: Log in as the store owner
Step 2: Go to Account Settings > Users
Step 3: Click the Action button for the desired user's account and select Edit
Step 4: Scroll down to the High-Risk Permission section and select which permissions you want the user to have access to!
And voila! You've given someone other than the store owner High-Risk permissions!
What do High-Risk permissions allow users to do?
There are a few things users who are granted High-Risk permissions can now do that they could not previously. For partners, this update is particularly interesting!
Non-store owners can now leave reviews on applications Merchants can leave a review per user, not just per store. This means that if a merchant has one store admin and three store users, all of whom have been granted High-Risk permissions, they have 4 people who are able to write reviews, instead of one
I'm interested, what's next?
This feature is generally available, so feel free to get started!
To learn more about requirements and details of High-Risk permissions, check out the following resources:
Support Article: Store Owner User Role and Permissions
Support Article: User Permissions
Developer Documentation: Single-Click App OAuth Flow
Still have questions? Email our DevRel team, tweet at us, or comment on this article!