High-Risk Permissions Now Available!

2024 is the year of BigCommerce delivering features that improve the user experience of customers and partners alike.

First up? The availability of High-Risk permissions!

What are High-Risk permissions?

This new functionality allows store owners to grant permission to other store users to install and manage applications. Previously, the ability to give non-store owning users permissions to manage API keys was released last year, you can read this blog if you aren't familiar with those, and this release provides a new set of permissions to manage applications.

The High-Risk permissions setting allows store owners to grant individual users or developers access to the High-Risk permissions listed below:

  • Create Store-level API accounts

  • List store-level API accounts

  • Delete store-level API accounts

  • Install applications

  • Uninstall applications

  • Launch applications

Additionally, high-risk permissions have the added benefit of increasing account security, as store owners' account information no longer needs to be shared with the agency or developer.

Enabling High-Risk permissions

Follow these instructions to enable High-Risk permissions for a user:

  • Step 1: Log in as the store owner

  • Step 2: Go to Account Settings > Users

0 VpZJ0myRig3P PvO-1
  • Step 3: Click the Action button for the desired user's account and select Edit

0 49Z9mQAutduKO5me-1
  • Step 4: Scroll down to the High-Risk Permission section and select which permissions you want the user to have access to!

0 k5o76sSsH9qEC4HA

And voila! You've given someone other than the store owner High-Risk permissions!

What do High-Risk permissions allow users to do?

There are a few things users who are granted High-Risk permissions can now do that they could not previously. For partners, this update is particularly interesting!

Non-store owners can now leave reviews on applications Merchants can leave a review per user, not just per store. This means that if a merchant has one store admin and three store users, all of whom have been granted High-Risk permissions, they have 4 people who are able to write reviews, instead of one

I'm interested, what's next?

This feature is generally available, so feel free to get started!

To learn more about requirements and details of High-Risk permissions, check out the following resources:

  • Support Article: Store Owner User Role and Permissions

  • Support Article: User Permissions

  • Developer Documentation: Single-Click App OAuth Flow

Still have questions? Email our DevRel teamtweet at us, or comment on this article!