Add and Remove Ecwid Staff Users

Step-by-step guide to adding, managing, and removing staff users in your Ecwid store.

Ecwid allows you to add staff members to help manage your store with different permission levels. This guide covers the complete user management workflow.

User Types in Ecwid

1. Store Owner

Characteristics:

Original account creator
Full access to everything
Cannot be removed or changed
Receives all critical notifications
Billing and plan management

Limitations:

Only one owner per store
Owner account cannot be transferred (must contact Ecwid support)

2. Staff Member

Characteristics:

Added by owner or admin
Configurable permissions
Can be removed anytime
Own login credentials
Access specific features based on permissions

Plans:

Free/Venture: Up to 1 staff member
Business: Up to 5 staff members
Unlimited: Up to 100 staff members

3. App Developer (API Access)

Characteristics:

Technical users building integrations
API access only (not Control Panel)
Managed via API keys
Cannot access customer data directly

Adding Staff Members

Prerequisites

Ecwid plan requirements:

Venture plan or higher
Available staff slots

Information needed:

Staff member's email address
Desired permissions
Staff member's name

Step-by-Step: Add Staff Member

Access User Management
- Log in to my.ecwid.com
- Go to Settings → General → Staff
- Click Add staff member
Enter Staff Information

Email: Enter staff member's email
- Must be valid email they can access
- Will receive invitation email
- Cannot use email already associated with another Ecwid account
Name: Enter full name
- First and last name
- Helps identify user in activity logs
Set Permissions

Choose permission level (see Roles and Permissions for details):

Quick permission sets:

Full Access:
- All features except:
  - Changing plan/billing
  - Deleting store
  - Managing owner account
Custom Permissions:
- Select specific features:
  - ☑ Orders
  - ☑ Products
  - ☑ Customers
  - ☑ Marketing
  - ☑ Design
  - ☑ Reports
  - ☐ Settings (usually restricted)
See detailed permission options in next section.
Send Invitation
- Click Send invitation
- Email sent to staff member
- Invitation expires in 14 days
Staff Member Accepts

Staff member receives email:
- Subject: "You're invited to manage [Store Name]"
- Click Accept Invitation
- Create Ecwid account or log in to existing
- Set password if new account
- Access store immediately

Invitation Not Received?

Common issues:

Email in spam folder:

Check spam/junk folders
Add noreply@ecwid.com to contacts

Wrong email address:

Delete invitation
Re-send to correct email

Email already used:

Staff member already has Ecwid account
They must log in with that account to accept

Resend invitation:

Settings → General → Staff
Find pending invitation
Click Resend invitation

Permission Levels Explained

Available Permissions

Permission	Access Granted
Orders	View, edit, fulfill orders; issue refunds
Products	Add, edit, delete products; manage inventory
Customers	View, edit customer information
Discount Coupons	Create, edit, delete discount codes
Marketing	Manage email campaigns, abandoned carts, automations
Design	Edit store design, theme, appearance
Reports	View sales reports, analytics
Settings	Access store settings (billing, shipping, taxes, etc.)
Apps	Install, configure, remove apps from App Market

Recommended Permission Sets

Customer Support Staff

Grant:

✓ Orders (edit, fulfill, refund)
✓ Customers (view, edit)
✓ Products (view only, to answer questions)
✓ Discount Coupons (to issue discounts for issues)

Don't grant:

✗ Settings
✗ Design
✗ Apps

Marketing Team

Grant:

✓ Products (to create campaigns)
✓ Customers (to segment)
✓ Discount Coupons
✓ Marketing
✓ Reports

Don't grant:

✗ Orders (unless needed)
✗ Settings
✗ Design

Product Manager

Grant:

✓ Products (full access)
✓ Orders (view to understand performance)
✓ Reports
✓ Customers (view to understand audience)

Don't grant:

✗ Settings
✗ Design
✗ Marketing (unless part of role)

Store Manager

Grant:

✓ Full access to all features

Don't grant:

✗ Billing/plan changes (owner only)

Developer/Designer

Consider using API access instead if they only need technical access:

Settings → General → API
Generate API keys
No access to customer data
Can't make unauthorized changes

If Control Panel access needed:

✓ Design (for designers)
✓ Apps (for developers)
✓ Products (view, to test)
✗ Orders, Customers (use test data)
✗ Settings

Changing Staff Permissions

Settings → General → Staff
Find staff member
Click name
Update permissions
Save changes

Changes take effect immediately - staff member may need to refresh page.

Removing Staff Members

Step-by-Step: Remove Staff

Access Staff Management
- Settings → General → Staff
Find Staff Member
- Locate user to remove
Remove Access
- Click user name
- Click Remove staff member
- Confirm removal
Verify Removal
- User removed from list
- User can no longer access store
- User receives no notification (optional: notify manually)

What Happens When Staff Removed

Immediate effects:

Access revoked instantly
Cannot log in to Control Panel
Cannot access API (if had API keys)

User account:

Ecwid account remains (can access other stores)
Email address can be used for new invitations

Data retention:

Activity logs remain (shows "Former staff member")
Changes made remain in place

Best Practices for Removal

Before removing:

Document their work - Note what they managed
Transfer ownership - Reassign responsibilities
Change passwords - If they had shared accounts
Revoke API access - Delete any API keys they used
Review permissions - Audit what they could access

After removing:

Notify team - Let others know about change
Review recent activity - Check their last actions
Update processes - Adjust workflows if needed

Emergency Removal

If compromised account or immediate threat:

Remove immediately (don't wait)
Change store passwords
Review recent changes:
- Orders processed
- Products edited
- Settings changed
Check for:
- Unauthorized discounts
- Fraudulent orders
- Data exports
Contact Ecwid support if suspicious activity found

Managing Multiple Staff

Staff Activity Monitoring

View staff activity:

Settings → General → Staff
Activity log (if available on your plan)

What's tracked:

Login times
Actions taken
Changes made

Use cases:

Audit trail
Performance review
Security monitoring

Team Communication

Built-in staff notes:

Add notes to orders for staff communication
Use internal comments for coordination

External tools:

Slack for team chat
Asana/Trello for task management
Google Workspace for shared documents

Access Schedule

For temporary staff (seasonal, contractors):

Before season:

Add staff
Set limited permissions
Train on systems

After season:

Remove access
Export reports if needed
Document for next season

Don't leave inactive accounts - security risk.

Security Best Practices

1. Principle of Least Privilege

Only grant permissions necessary for job:

Start minimal
Add permissions as needed
Review regularly

2. Regular Access Reviews

Monthly:

List all staff members
Verify permissions are appropriate
Check for unused accounts
Confirm job roles unchanged

Quarterly:

Deep audit of all access
Review activity logs
Update permissions based on performance
Remove former employees

3. Offboarding Process

When employee leaves:

Day 1: Remove Ecwid access
Week 1: Review their last 30 days of activity
Month 1: Ensure processes transferred
Quarter 1: Final audit of their work

4. Require Strong Passwords

Staff should use:

12+ characters
Mix of letters, numbers, symbols
Unique password (not reused)
Password manager

You cannot enforce - but educate staff on importance.

5. Monitor for Suspicious Activity

Watch for:

Logins from unusual locations
Bulk data exports
Unusual refund activity
Large discounts created
Settings changes

If detected:

Remove access immediately
Contact staff member
Review all recent activity
Change store passwords
Contact Ecwid support

Troubleshooting

Cannot Add Staff Member

Issue: "You've reached your staff limit"

Cause: Plan doesn't allow more staff.

Solutions:

Remove unused staff
Upgrade plan:
- Venture: 1 staff
- Business: 5 staff
- Unlimited: 100 staff

Staff Cannot Access Features

Issue: Staff reports they can't access certain features.

Diagnosis:

Settings → General → Staff
Click staff name
Review permissions

Solution:

Enable needed permissions
Save changes
Staff refreshes page

Invitation Expired

Issue: Staff didn't accept within 14 days.

Solution:

Delete expired invitation
Send new invitation
Ask staff to accept promptly

Staff Forgot Password

Staff should:

Go to my.ecwid.com
Click Forgot password?
Enter email
Check email for reset link
Set new password

You cannot reset - staff must do it themselves.

Multiple People Need Same Access

Don't share accounts - security risk and can't track individual actions.

Solution:

Create individual accounts for each person
Set same permissions for all
Each has own login credentials

Plan Limitations

Staff Member Limits by Plan

Plan	Staff Members	Monthly Cost
Free	0	$0
Venture	1	$15/mo
Business	5	$35/mo
Unlimited	100	$99/mo

Upgrading for More Staff

To add more staff:

Settings → Billing & Plans
Upgrade to higher plan
Billing adjusts immediately
Add staff members

Workarounds (Not Recommended)

If can't upgrade but need more users:

API access (for developers):

Doesn't count toward staff limit
Technical access only
No Control Panel access

Shared accounts (not recommended):

Security risk
Can't track individual actions
Against best practices

Better: Upgrade plan for proper access control.

App Market Integrations

Staff Management Apps

Third-party apps that extend staff functionality:

Time tracking:

Track staff hours in store
Useful for hourly employees

Advanced permissions:

More granular permission control
Role-based access beyond Ecwid's default

Activity monitoring:

Enhanced audit trails
Alert on suspicious activity

Find apps:

Ecwid App Market
Search "staff" or "team"

Next Steps

Roles and Permissions - Detailed permission guide
User Management Overview - General user management concepts

For general user management concepts, see User Management Guide.

Nach oben