Skip to main content

Staff Users

Staff users are internal team members who manage your Saleor store. You can assign staff users specific permissions to control what they can access and do in the Dashboard and API. Staff users are essential for store operations, including product management, order fulfillment, customer support, and more.

Inviting Staff Users​

You can invite staff users to your Saleor store using either the Dashboard or the API.

note

You need the MANAGE_STAFF permission to invite staff members.

Dashboard​

  1. Go to Configuration → Staff Members.
  2. Click Invite staff member.
  3. Enter the staff member’s first name, last name, and email address.
  4. Click Send Invite.

Saleor will send an email invitation to the provided address. The recipient can set their password and log in using a secure link.

note

If you are self-hosting Saleor, you need to configure SMTP to enable email invitations.
In Saleor Cloud, email delivery is handled automatically.

After inviting a staff user, you can assign them to a permission group. For details on permission groups, scopes, and channel restrictions, see the Permissions documentation.

API​

You can also create staff users programmatically using the staffCreate mutation This allows you to assign permissions and add metadata in the same step.

mutation StaffCreate($input: StaffCreateInput!) {
  staffCreate(input: $input) {
    user {
      id
      email
    }
    errors {
      field
      message
    }
  }
}

Resetting Passwords​

Staff users can reset their passwords using the Saleor Dashboard or the GraphQL API. Unlike customer password resets, staff members do not require a specific channel to be assigned.

Reset Flow​

Resetting a password is a two-step process:

  • Click password reset in Saleor Dashboard. Saleor emails the staff user a secure link for setting new password.
  • The staff user opens the email, clicks the link, and enters a new password in the Saleor dashboard or a custom backoffice.

Behind the scenes:

  • Saleor Dashboard runs requestPasswordReset, which creates a unique token and embeds it in the link (redirectUrl).
  • Then, when the user opens link form the email and enters a new password, Dashboard calls setPassword with the user's email address, token, and new password to securely update the account.

Troubleshooting​

Token Invalidation by Login​

If a staff user is already logged in (for example, via Single Sign-On) and then tries to use a password reset link, the reset token may be considered invalid.

This is because the token is partially derived from the user’s last login state - if the user logs in after the token was generated (which updates the last_login timestamp), the token no longer matches and is therefore rejected.

tip

Solution: Ensure the user is logged out before using the reset link, or open the reset link in an Incognito/Private tab.

Token Expiration​

Saleor uses the standard Django PasswordResetTokenGenerator. Tokens are valid for 3 days (259,200 seconds) by default.

A token remains valid until it either expires or the user's state changes. State changes include:

  • The user changes their password
  • The user logs in (updating the last_login timestamp)

Updating Staff Data​

You can update staff user details using the Dashboard or the staffUpdate mutation.

Removing Staff Users​

You can remove staff users using the Dashboard or the API:

Saleor prevents removing or deactivating the last active staff user who can manage specific permissions.

info

If a staff user has placed orders, their customer record will remain for order history and reporting. Removing a staff user does not delete their customer data.

Extending Staff Users with Metadata​

You can attach custom metadata to staff user accounts for integrations or custom fields.

  • To set or update metadata when updating a user, include the metadata or privateMetadata fields in the staffUpdate mutation.
  • For more granular control, use:

Dashboard Features for Staff Users​

Saleor provides advanced dashboard features to help staff users personalize their workspace and work efficiently.

Saving Filter Presets​

You can save filter presets on list views for quick access to frequently used filters (e.g., “Out of Stock Products”, “High-Value Orders”).

To save a filter preset:

  1. Go to a list view (e.g., Products).
  2. Apply filters (such as channel or search terms).
  3. Click the + icon next to the list title.
  4. Enter a name for your preset and click Save.
note

Filter presets are saved in your browser’s local storage, meaning they are only available on the device and browser where they were created. They will not sync across devices or browsers.

Product Grid Customization​

You can customize which columns are visible in list views. Rearrange columns by dragging and dropping, or toggle columns on and off. Grid customization is saved per user.

note

Your column preferences are stored in your user metadata, making them available across different browsers and devices when you're logged into your staff account.

Feature Preview​

You can enable preview features from your account settings.

To access feature previews:

  1. In the left navigation menu, click the â‹® (three dots) next to your name.
  2. Click Features Preview.
  3. Enable or disable available preview features as needed.
note

Feature preview preferences are stored in your user metadata, so they persist across devices and sessions.