Not every employee should have access to everything. Your cashier doesn’t need to edit other people’s timecards, and your new hire probably shouldn’t be voiding $200 transactions on their second day. TORO’s access system handles all of this — and when someone does need access they don’t have, there’s a built-in workflow to handle it without grinding your day to a halt.
How Access Levels Work #
Every employee is assigned an access level — Admin, Manager, Cashier, or whatever custom levels you’ve created for your store. Each level comes with a set of permissions that control what that person can do. When someone tries to do something their level doesn’t allow, TORO steps in with an Access Denied screen.
The system is designed around a simple principle: give people only the permissions they need. You can always grant more access later — it’s much harder to undo damage from too much access up front.
Common access levels:
- Admin — Full access to everything. System settings, employee management, reporting, overrides. This is the store owner and anyone they trust completely.
- Manager — Operational access including reporting, overrides, higher discount limits, and void authority.
- Cashier / Employee — Day-to-day operations: ringing sales, processing payments, clocking in and out, handling basic returns.
You can create as many custom levels as you need. Some stores have a “Shift Lead” level that’s between Cashier and Manager, or a “Business Partner” level for co-owners.
The Access Denied Screen #
When an employee tries to do something they don’t have permission for, they’ll see a screen that says “Sorry [name]! Your access level cannot perform this task.” It also shows details about what was blocked — the group name, function name, and a reference ID.
From this screen, there are two main paths:
Get Permanent Access #
This is for when someone’s role has genuinely changed and they need ongoing access to something. Maybe you promoted a cashier, or you realized your managers need a permission you didn’t originally give them.
When you click Get Permanent Access, TORO asks one question: “Is an ADMIN Level user available?”
If an admin is right there — they log in with their PIN, and the access is granted immediately. Done. The system generates an access key (something like “CIGAR-829” or “SKY-386”) for the audit trail, and the permission is added to that employee’s entire access level. That means everyone at that same level gets the permission too — which is usually what you want, since people at the same level should have the same capabilities.
If no admin is around — the employee types in why they need the access, and TORO sends a text message to all admin users with the details and an access key. The admin can process it remotely, or the employee can enter the key later through the Employee menu. Either way, nothing falls through the cracks.
A few things to know about permanent access:
- Granting access to one person grants it to everyone at that access level. The text message to admins lists exactly who will gain the permission, so there are no surprises.
- TORO detects duplicate requests. If someone already asked for the same permission and it hasn’t been processed yet, it’ll ask if you want to send a reminder instead of creating a new request.
- Every request is logged with who asked, why, when, who approved it, and any notes the admin added.
Get Temporary Access #
This is for one-off situations. The employee needs to do something right now, but it’s not something they should permanently have access to.
Click Get Temporary Access and you’ll see two options:
Request Temporary Access Code — The employee enters their PIN and explains why they need the access. TORO generates a temporary code and texts it to all admin users. If the employee has permission to receive the code immediately, it prints right on the receipt printer — no phone call needed. Otherwise, they need to check with an admin user for the code.
Use Temporary Access Code — This is for when an admin user is nearby and can log in to authorize the action. The admin enters their PIN, and the action proceeds under their authorization. Think of it like a manager override at any other register system — the manager walks over, enters their code, and the employee can continue.
The key difference from permanent access: temporary access doesn’t change anyone’s permissions. The employee still won’t have access to that function next time. It’s a one-and-done override.
Processing Access Requests #
If you’re an admin, you’ll occasionally need to process access requests that came in while you weren’t at the register. Here’s how:
- From the main screen, go to Employees then Process Access Requests
- You’ll see a list of all pending requests with details: who asked, what they need, when they asked, and their reason
- Use the filters to show just unprocessed requests, or view accepted/rejected history
- Select a request and click Grant or Reject. You can also select multiple requests and process them in bulk.
- Add notes if you want — they’re saved with the request for future reference
You can also process a request by entering the access key directly. If someone texts you a key like “OCEAN-412”, you can type it in and approve it without scrolling through the list.
Color coding makes it easy to scan: green rows are granted, red rows are rejected, and unprocessed requests have no highlight.
Access Keys #
Access keys are the human-readable codes TORO generates for tracking access requests. They look like STORM-847 or LIME-263 — a word plus three numbers. They’re designed to be easy to read over the phone or text message.
Each key is unique and tied to a specific permission request. When someone gives you an access key, you know exactly what permission they’re asking for — there’s no ambiguity.
You’ll encounter access keys in two places:
- Text messages from TORO when an employee requests access while you’re away
- The Process Access Request screen where you can search by key
The Cancel Notification #
Here’s something worth knowing: if an employee hits Cancel on the Access Denied screen without requesting access, TORO sends a notification to admin users. The message says “ACCESS ATTEMPT” and includes who tried, what they tried to access, and their access level.
This isn’t about catching people doing something wrong. It’s about visibility. If your cashier keeps hitting a wall trying to apply discounts, maybe it’s time to add that permission to the Cashier level. You can’t fix what you don’t know about.
Setting Up Access Levels #
To create or modify access levels:
- Go to Dashboard then Admin Tools then Employee Management
- Select Setup Access Levels
- You can create new levels, rename existing ones, and assign specific functions to each level
Each access level has a list of allowed functions. When you add a function to a level, every employee at that level gains the permission immediately — no need to update individual accounts.
When you’re setting up a new store, start with the defaults and adjust as you go. It’s better to start restrictive and open things up than to start wide open and try to lock things down later.
Tips for Managing Access #
Review access attempts periodically. The notifications you get when employees hit the Access Denied screen are valuable data. If the same permission keeps getting requested, it probably belongs in that access level permanently.
Use the right path for the situation. Temporary access for one-off needs, permanent access for role changes. Don’t keep granting temporary access for something someone needs every day — just add it to their level.
Keep your access levels clean. A few well-defined levels are better than dozens of custom ones. Most stores do fine with Admin, Manager, and Cashier (maybe Shift Lead too).
Don’t share PINs. Every override, every access request, every action is tracked by PIN. If two people share a PIN, you lose accountability. The whole system depends on knowing exactly who did what.
