Rights per user role

Modified on Thu, 21 Dec 2023 at 09:55 AM

Roles are used in Yuki to regulate rights. By assigning a role to somebody you will give that person extra rights. Each user has specific basic rights. The rights can be viewed and changed in 'My domain'. 

Adding one or more additional users to a domain (extra costs per added user per month) is only available when a user with the 'Management' role has chosen the bundle Medium, Large or Unlimited via the Yuki Store in the domain.

In a bundle pricing domain, only a user with the 'Management' role can assign one or more roles to the additional users in the domain.

In case of an own Entrepeneurial license only the owner of the domain or an user with the 'Management' role can assign roles to users who have access to your domain. It is not possible to assign a role to an employee

In case of a entrepeneurial portal Basis or Plus only an user with the 'Portal administratior' or 'Portal back office' role can assign a role to the maximally one user in your domain.

'My domain' can be opened from different places in Yuki:

  • Click on the Switch domain icon above the navigation bar and then click on My domain
  • Click on the Home icon in the navigation bar and then click on the My domain tile
  • Click on the Settings icon in the navigation bar and then, in the now-opened screen, click My domain.

The following screen is opened:

In this screen users can be deleted by clicking on the red cross behind the name. By opening the Rights matrix you can view which user has access to which administration.

Basic right of each user

Users without a role also have rights in Yuki. Therefore it is not necesssary to assign a role to somebody. Each user in Yuki has the following basic rights: 

  • Scan, upload or email documents
  • Ask questions to Yuki
  • View documents with security level 'all users'
  • Create new documents
  • View dossiers and create new dossiers
  • View, create and modify contacts
  • Manage personal email box
  • View calendar and create new appointments
  • View and create tasks
  • Registration of own hours by employee.


A special role is 'Read-only user'. A user with this role can never scan, upload, modify or create something in Yuki. 

Additional rights per role

At the moment you can use the following roles in Yuki:

  • Read-only user
  • Sales
  • Purchase
  • Financial administration
  • External accountant
  • HRM
  • Management
  • Security manager
  • Procuration
  • Special roles for the back office (see article Assign or change back office roles).

Below, you will find a description of the additional rights per role.

Special role Read-only user (only in combination with another role)

A user with this role can only view data in a domain. This means that creating, modifying or uploading documents is not possible for an user with this role. The 'Read-only user' role must be combined with one of the other roles. If you for example want to allow somebody to view all financial data without being able to modify that data then you have to assign the 'Financial administration' role to this person as well as the 'Read-only user' role.

Additional rights Sales

  • Create and send sales invoices
  • View Sales and Revenue lists 
  • View sales data per customer
  • View open sales invoices per customer.

Additional rights Purchase

  • View Purchase list
  • View purchase invoices and expense claims
  • View the account balance of suppliers.

Additional rights Financial administration

Someone with the Financial administration' role has all the rights of the 'Sales' role plus the following rights:

  • View and handle points of attention in administration (PO Box)
  • View financial monitor
  • View bank statements
  • View Profit and loss account
  • View balance sheet
  • Zoom in on ledger accounts
  • View all documents in the archive folders 'Sales', 'Purchase', 'Bank', 'Human Resources', 'Tax' and 'Other financial'. In the 'Human Resources' folder only the financial documents.
  • Perform invoice actions from the document 
  • Browse the ledger accounts (previous and next)
  • Perform actions from the ledger account
  • Perform actions from debtors and creditors account (match, write off, change payment method etc.)
  • Perform actions from bank transaction (match, process and split).

Additional rights External accountant

An 'External accountant' has the rights of someone with the 'Financial administration' role. This role also provides access to several additional overviews and features: 

  • View and handle points of attention in administration (PO Box)
  • View journal entries
  • Create general journal entries
  • Match outstanding balance
  • Perform actions from ledger accounts (like accrue costs, change GL account, change VAT code etc.) 
  • View trial balance
  • Export financial data
  • Create XML auditfile
  • Block administrations
  • Create or modify default values of contact.

Additional rights HRM

  • View the archive folder 'Human Resources'.
  • Create tabs in 'Human Resources' folder. In this way access to confidential documents like salary details, employment contracts and assessment interviews can be blocked for the basic user.

Additional rights Management    

Someone with the 'Management' role has all the rights of the 'HRM'', 'Purchase', 'Sales', and 'Financial administration' (except the recently added) roles. Additionally this role gives access to several extra features:   

  • View and handle points of attention in administration (PO Box)
  • Create task types
  • Create work types
  • Create archive folders (This is the only role with this right)
  • Create tabs (HRM is also able to do this but only in the Human Resources' folder')
  • Create users
  • Organize access control
  • Record bank transactions that are still open on debtors or creditors account. These bank transactions can be recorded directly on costs or revenue via the PO Box.

He or she doesn't have the rights of the 'External accountant' role automatically. In order to get these rights the 'External accountant' role must also be assigned to this user.

Special role Security manager

This role must be used in combination with the 'Management' role. An user with this role can assign the 'Security manager' and 'Procuration' roles to other users. 

The owner doesn't have the 'Security manager' role but however has all the corresponding rights. The 'Security manager' role is intended to give somebody else besides the owner the rights to be able to assign the Procuration roles to users.

Additionally this role gives access to several extra features:

  • Enable payment list security
  • Enable payment discount.

Special role Procuration

When payment list security is enabled, this role is required in combination with the 'Financial administration' role in order to be able to create SEPA payment files. 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article