Users
The Users tab is where you manage everyone who touches your restaurant’s software — but there are two very different groups of people here, and they live on two separate tabs:
- Dashboard Users — the back-office team. Owners, managers, accountants. They sign in to the web dashboard with an email and password.
- POS Staff — the floor team. Servers, runners, kitchen, shift managers. They sign in to the iPad with a 4-digit PIN.
The same person can be in both (an owner who also works the floor, for example) — they’d just get invited once to the dashboard and added once to POS Staff, each with their own credentials.
Dashboard Users are tied to an email address; POS Staff are tied to a PIN. Changing one never affects the other. If a server gets promoted to manager and you want them in the dashboard, you invite them on the Dashboard Users tab. They’re still in POS Staff too.
The layout
When you open the Users tab:
- Header — title, a short subtitle, and two buttons on the right:
- Manage Permissions — takes you to Permissions. Note that it goes to two slightly different places depending on the tab: the Dashboard Users tab links to the dashboard permissions editor (Admins, Managers, custom dashboard roles); the POS Staff tab links to the POS permissions editor (Server, Runner, Kitchen, Manager on the iPad).
- Invite Member (on the Dashboard tab) or Add Staff (on the POS Staff tab)
- Tabs — Dashboard Users and POS Staff
- The list of members for the selected tab underneath
Both tabs show the same things for each person: an avatar with their initials, name, role, where they have access, and a three-dot menu with actions (hover the row to reveal it).
Dashboard Users
The people who log in to this dashboard — on any device, anywhere — to run the restaurant from the back office.
The list
Everyone appears in a single table, whether they’ve accepted their invite or not.
| Column | What it shows |
|---|---|
| Member | Initials avatar + name. Someone who hasn’t accepted yet shows a mail-icon avatar and “Invitation sent” instead |
| Their email address | |
| Role | Role badge — Admin, Manager, or any custom role you’ve created in Permissions |
| Access | A globe icon + “All Locations” if they can see every site, or a pin icon + the location name (e.g. “Soho” or “Soho +2 more”) if they’re restricted |
| Status | Green dot + “Active” for members who’ve accepted, grey dot + “Pending” for invites still outstanding |
| Actions | Three-dot menu (visible on hover) |
Above the table, a tiny counter shows how many are active and how many are still pending.
Sorting the list
Click the Member, Email, or Role column header to sort. The cycle is three clicks: ascending → descending → off. The arrow icon next to each sortable header shows the current state — a faded two-headed arrow when there’s no sort, a solid ↑ or ↓ when the column is driving the order.
Invite a new member
Hit Invite Member in the top right.
Type their email
The address the invite will go to. Press Enter here to send, or fill in the rest first.
Pick a role
A list of every role in your organisation — Admin, Manager, and any custom roles you’ve created. Each shows a short description underneath (“Full access” for Admin, or the permission count for custom roles, e.g. “12 permissions”). Tap one to select it — a tick appears on the right.
Pick carefully — you can’t change someone’s role later from here. If you need to change it, remove them and re-invite them with the new role.
Pick the location they'll work in
A dropdown of every location in your group, each labelled with its name and the parent account — e.g. “Soho (West London Ltd)”. Scope the invite to the main site where they’ll work day-to-day.
Leaving the location field empty gives the new member access to every location in the organisation from day one — the same result as picking All Locations later from the Location Access dialog. Great for admins, area managers and accountants.
Send the invitation
Tap Send Invitation. We email them a link that signs them up and drops them straight into your dashboard. The new row appears in the list immediately with a grey Pending status.
Change someone’s location access
Once an invite is out — or a member’s active — you can always change which locations they can see, even if their role stays the same.
Open the row menu
Hover the row and click the three dots on the right → Location Access.
Choose the type of access
Two big options stacked on top of each other:
- All Locations (globe icon) — they see every site in the organisation. Pick this for owners, area managers, and accountants.
- Specific Locations (pin icon) — they only see the sites you tick.
If Specific, tick the locations they need
A scrollable list appears with every location in the organisation. Tick the ones this person works at. Every location they’re not ticked in disappears from their dashboard completely.
Save
Tap Save Changes. Takes effect immediately — they’ll see the change the next time they load the dashboard.
Resend a pending invitation
If someone didn’t get the email (or it landed in spam), hover their pending row → three-dot menu → Resend Invitation. We send the same link again, a short confirmation pops up, and that’s it.
Cancel a pending invitation
Hover the pending row → three-dot menu → Cancel Invitation. You’ll get a quick “Are you sure?” prompt. Cancelling doesn’t email the invitee — it just removes the invitation so the link they were sent stops working.
Remove an active member
Hover their active row → three-dot menu → Remove Member (red). Confirm on the prompt, and that person loses dashboard access immediately. Their activity in the system (reports, orders, etc.) is not deleted — only their ability to sign in.
The dashboard won’t stop you from removing your own account. If you accidentally do, you’ll lose access and need someone else with Admin to re-invite you. When in doubt, get a second admin to do the removal.
Manage what each role can do
Roles here (Admin, Manager, custom ones) only tell the dashboard who can do what. To change what Manager can actually do — edit the menu, process refunds, void checks — tap Manage Permissions in the top right to jump to the Permissions page.
POS Staff
The team who actually work the floor — servers, runners, kitchen, and shift managers. They sign in to the iPad with a 4-digit PIN, not a password.
POS Staff are scoped to a single location, so you need to have a location selected in the sidebar to see this tab. If you haven’t, you’ll see a “Select a location” prompt instead. Switch location at the top of the dashboard and the list refreshes.
The list
| Column | What it shows |
|---|---|
| Staff Member | Initials avatar + name |
| Role | Server, Runner, Kitchen, Manager, or any custom POS role you’ve created in Permissions |
| PIN | Key icon + Configured (they have one set) or Not set |
| Status | Toggle switch — on = Active, off = Inactive. Inactive rows fade slightly so they’re easy to spot |
| Actions | Three-dot menu (hover to reveal) |
Above the table, a small counter shows X active and X inactive.
Add a staff member
Tap Add Staff in the top right.
Type their full name
How it’ll appear on their iPad login, receipts, and reports.
Pick a role
The Add Staff dialog shows four built-in options, each with a short description:
- Server — Front of house
- Runner — Food runner
- Kitchen — Kitchen staff
- Manager — Shift manager
Pick the role that matches their day-to-day job. The role decides what they can do on the iPad (void items, apply discounts, process refunds, etc.) — which you set up in Permissions.
You can create custom POS roles (e.g. Shift Lead, Barback, Supervisor) on the Permissions page under the POS Roles tab, each with their own set of permissions. Custom roles currently need to be assigned from the Permissions page itself — the Add Staff dialog only offers the four built-in roles above at creation time.
Tap Add Staff
A unique 4-digit PIN is generated on the spot and shown to you in a new dialog — see below.
The PIN reveal — only happens once
The moment you create the staff member, we show their brand-new 4-digit PIN in big bold digits with a green ✓ on top, their name underneath, and a copy button next to the digits.
This PIN is only shown once. Once you close the dialog, we can’t retrieve it for you — we only keep a secured version the iPad can check against. If you forget it, your only option is Generate New PIN, which will create a fresh one and invalidate the old.
Hit Copy to drop it on your clipboard (for pasting into a WhatsApp message, a staff handbook, whatever), or write it down. When you’re sure you’ve got it, tap I’ve Saved the PIN to close the dialog.
Edit a staff member
Hover their row → three-dot menu → Edit. You can change their name and role here. Their PIN is not affected — use Generate New PIN separately if you need to reset that.
Reset a staff member’s PIN
If they’ve forgotten their PIN, or they’ve left and you want to give their slot to someone else, or you just suspect the PIN has leaked — reset it.
Open Generate New PIN
Hover their row → three-dot menu → Generate New PIN.
Confirm
A prompt explains that the current PIN will stop working immediately. Tap Generate New PIN to proceed.
Save the new PIN
Same reveal screen as a fresh add — copy it, share it, and close. The old PIN is dead from the moment you hit Generate; the staff member needs the new one to sign in.
Deactivate vs. delete
Instead of deleting a staff member when they leave or go on long-term leave, flick their Active toggle off. This:
- Stops them signing in on the iPad immediately
- Keeps all their past orders, tips, and reports attributed to them
- Leaves the record ready to reactivate in one tap if they come back
You’ll see them fade slightly in the list. Flick the toggle back on whenever.
Reports and receipts still reference historic orders by the server who opened them. Deactivating preserves that history; deleting would leave orphaned rows in reports. Deactivate unless you’re genuinely cleaning up a mistake.
Manage what each role can do on the iPad
The four built-in roles (Server, Runner, Kitchen, Manager) are just labels — their actual powers (void, discount, refund, close register, etc.) are set in Permissions. Tap Manage Permissions in the top right to jump straight there.
On the Permissions page you’ll find two tabs: Dashboard Roles and POS Roles. Both tabs support an + Add Role button so you can create your own roles alongside the built-ins — for example, a Shift Lead POS role with a narrower permission set than Manager, or a Read-Only dashboard role for accountants. The Admin role on each tab is a system role and can’t be edited or deleted.
Empty states you’ll see
- No dashboard users yet — A shield icon with “No dashboard users yet” and an Invite Member button. Usually only on a brand-new organisation.
- Select a location (POS Staff tab) — A pin icon prompting you to pick a location from the sidebar. Do that and the staff list appears.
- No staff members yet — A chef-hat icon with “No staff members yet” and an Add Staff button. Expected for a freshly set-up location.
Quick recap — the moves you’ll do every week
- Hire a new server → POS Staff tab → Add Staff → Name + Server → copy the PIN → share it with them
- Hire a new manager who’ll run reports too → POS Staff tab (PIN) and Dashboard Users tab (email) — two separate invites
- Server forgot their PIN → POS Staff → hover row → Generate New PIN → copy the new one
- Server leaves for the season → POS Staff → flick the Active toggle off
- Add your accountant to the dashboard for all sites → Dashboard Users → Invite Member → Admin or a custom read-only role → leave Location as All Locations
- Restrict a manager to one site → Dashboard Users → their row menu → Location Access → Specific Locations → tick that one location
- Invite went to spam → Dashboard Users → pending row menu → Resend Invitation
- Team member leaves → Dashboard Users → their row menu → Remove Member
Next steps
- Permissions — Manage the two lists of roles (Dashboard Roles and POS Roles), create your own custom roles alongside the built-ins, and decide exactly what each role can do
- Devices — Register the iPads your POS Staff will sign in on
- Settings — Manage the organisation, accounts, and locations that scope who sees what