PrestaShop separates employees (back-office users) from customers (storefront shoppers) with distinct permission systems. Employee access is controlled through Profiles -- named permission sets that define which admin tabs and modules an employee can view or modify. The system uses a tab-level and module-level permission matrix rather than route-based or field-level controls.
Permission model
PrestaShop's admin permission system operates on two dimensions:
- Profiles -- named roles (SuperAdmin, Logistician, Translator, Salesman, or custom). Each profile has a permission matrix defining access to every admin tab and module.
- Permission levels per tab -- for each admin tab (Orders, Catalog, Customers, Stats, etc.), a profile can be granted: View, Add, Edit, Delete, or All. These are independent checkboxes, not hierarchical.
- Module permissions -- separately from tabs, each profile can be granted or denied access to configure, uninstall, or view each installed module.
The SuperAdmin profile has irrevocable full access. Other profiles are fully customizable. An employee belongs to exactly one profile.
Built-in profiles
| Profile | Default access | Typical use |
|---|---|---|
| SuperAdmin | All permissions, cannot be restricted | Store owner, lead developer |
| Logistician | Orders (view/edit), Stock, Shipping | Warehouse and fulfillment staff |
| Translator | Localization tabs, CMS pages | Translation teams |
| Salesman | Customers, Orders, Cart Rules, Stats | Sales and account managers |
Custom profiles are created at Advanced Parameters > Team > Profiles. After creating, configure permissions at Advanced Parameters > Team > Permissions.
Admin UI paths
| Task | Path |
|---|---|
| Manage employees | Advanced Parameters > Team > Employees |
| Create/edit Profiles | Advanced Parameters > Team > Profiles |
| Set tab permissions | Advanced Parameters > Team > Permissions > [Profile] |
| Module permissions | Advanced Parameters > Team > Permissions > Modules tab |
| Employee activity log | Advanced Parameters > Team > Employees > [Employee] > Last connections |
| Customer management | Customers > Customers |
| Customer groups | Customers > Groups (Default, Guest, Customer, or custom) |
| Multistore settings | Advanced Parameters > Multistore (if enabled) |
API access management
PrestaShop Webservice API:
- REST API enabled at Advanced Parameters > Webservice
- Each API key is created with granular resource permissions: GET, POST, PUT, DELETE per resource (products, orders, customers, etc.)
- API keys are 32-character strings passed via HTTP Basic Auth (key as username, empty password) or as the `ws_key` query parameter
- Resource permissions are independent of employee profiles -- an API key can access orders without any employee account
- IP filtering not built-in; use `.htaccess` or server-level firewall rules
API key management:
- Create at Advanced Parameters > Webservice > Add New Key
- Each key shows a permission matrix for all available resources
- Keys do not expire; rotate manually by deleting and recreating
- The Webservice must be enabled globally before any key works (toggle in the same settings page)
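Because a key sent as the `ws_key` query parameter is written to web server access logs, and keys stay valid until deleted, access logs are worth scanning for it. The following is an added example, not PrestaShop code: it assumes combined-format access logs that record client IPs, and the log lines, paths, keys and allowed network are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines; hosts, paths and keys are made up.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "GET /api/orders?ws_key=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&display=full HTTP/1.1" 200 5120
198.51.100.23 - - [12/Mar/2024:10:01:05 +0000] "GET /api/customers?ws_key=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB HTTP/1.1" 200 901
203.0.113.7 - - [12/Mar/2024:10:02:00 +0000] "GET /api/products HTTP/1.1" 200 2210
198.51.100.23 - - [12/Mar/2024:10:03:11 +0000] "GET /index.php?controller=cart HTTP/1.1" 200 777
"""

# Assumption: integrations are only expected from this network.
ALLOWED_NETS = [ipaddress.ip_network("203.0.113.0/24")]

# client IP, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def redact(key):
    """Keep a short prefix so a finding can be tied to a key without re-leaking it."""
    return key[:4] + "*" * (len(key) - 4)


def scan(log_text, allowed_nets=ALLOWED_NETS):
    """Return one finding per request that carried a Webservice key in the URL."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        url = urlsplit(target)
        keys = parse_qs(url.query).get("ws_key", [])
        if not keys:
            continue  # Basic Auth requests carry no key in the URL
        src = ipaddress.ip_address(ip)
        findings.append({
            "ip": ip,
            "method": method,
            "path": url.path,
            "key": redact(keys[0]),
            "status": int(status),
            "ip_allowed": any(src in net for net in allowed_nets),
        })
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any key that shows up in a finding should be rotated by deleting and recreating it, and the integration moved to HTTP Basic Auth.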
OAuth / Bearer tokens (PrestaShop 8.x):
- PrestaShop 8 introduced an Authorization Server module for OAuth2
- Create API clients at Advanced Parameters > Authorization Server
- Scopes map to resource endpoints
- Token-based auth for modern integrations
Analytics-specific permissions
PrestaShop has a dedicated Stats tab in the admin that houses all analytics:
- Stats tab access -- grant View permission on the "Stats" tab in the permission matrix. This gives access to all built-in statistics modules (Dashboard, Visitor Origin, Best Categories, Best Products, Sales & Orders, etc.).
- Stats modules -- each statistics view is a module (e.g., `statsbestproducts`, `statssales`, `statsvisits`). Module-level permissions control whether a profile can configure these modules, but viewing is controlled by the Stats tab permission.
- Google Analytics module -- PrestaShop ships with `ps_googleanalytics`. Configuration requires Module > Configure permission. The module settings page (Measurement ID, enable/disable e-commerce tracking) is accessible to profiles with module configuration access.
- Dashboard -- the admin dashboard shows sales charts, recent orders, and visitor stats. Dashboard module permissions control which widgets appear. A profile with only View on Dashboard sees the widgets but cannot configure them.
- Multistore analytics -- in multistore mode, stats can be filtered by shop or shop group. Employee shop association (set on the employee record) determines which stores' data they see.
To create a reporting-only profile:
- Create a "Reports" profile at Profiles
- Grant View on: Dashboard, Stats tabs only
- Deny Add/Edit/Delete on all tabs
- Under Modules, deny Configure on all except stats-related modules
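Permission matrices drift as checkboxes are ticked over time, so the steps above can be turned into a repeatable check. This is an added example, not PrestaShop code: the profile dictionaries are a constructed export format (not PrestaShop's database schema), and treating modules named `stats*` as "stats-related" is an assumption.

```python
TAB_LEVELS = {"View", "Add", "Edit", "Delete"}
REPORTING_TABS = {"Dashboard", "Stats"}

# Constructed sample profiles (hypothetical export format).
GOOD = {
    "tabs": {"Dashboard": {"View"}, "Stats": {"View"}, "Orders": set()},
    "modules": {"statssales": {"view", "configure"}, "ps_googleanalytics": {"view"}},
}
DRIFTED = {
    "tabs": {"Dashboard": {"View"}, "Stats": {"All"}, "Orders": {"View", "Edit"}},
    "modules": {"statssales": {"configure"}, "ps_googleanalytics": {"configure"}},
}


def expand(levels):
    """The 'All' checkbox stands for every level."""
    return set(TAB_LEVELS) if "All" in levels else set(levels)


def is_stats_module(name):
    # Assumption: stats-related modules are the ones named stats*
    return name.startswith("stats")


def audit_reporting_profile(profile):
    """Return the ways a profile deviates from the reporting-only steps."""
    violations = []
    for tab, levels in sorted(profile["tabs"].items()):
        granted = expand(levels)
        for level in sorted(granted - {"View"}):
            violations.append(f"tab {tab}: {level} granted")
        if "View" in granted and tab not in REPORTING_TABS:
            violations.append(f"tab {tab}: View granted outside Dashboard/Stats")
    for tab in sorted(REPORTING_TABS):
        if "View" not in expand(profile["tabs"].get(tab, ())):
            violations.append(f"tab {tab}: View missing")
    for module, rights in sorted(profile["modules"].items()):
        if "configure" in rights and not is_stats_module(module):
            violations.append(f"module {module}: configure granted")
    return violations


if __name__ == "__main__":
    for name, profile in (("GOOD", GOOD), ("DRIFTED", DRIFTED)):
        print(name, audit_reporting_profile(profile))
```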
Sub-pages
- Roles and Permissions -- profile configuration, tab/module permission matrix, and multistore scoping
- Adding and Removing Users -- employee creation, profile assignment, API key provisioning, and offboarding