Before you start adding individual users in bessa, three questions are worth settling up front: Who works only at the Sales Point? Who additionally needs access to the Manager? And who does not need a user at all, but a separate partner access? The answer determines how that person logs in later, what they can do, and on which devices they even appear.
This guide complements the configurations in Structure your bessa account with the people layer: you have set up your companies, locations, and Sales Points — now it is about who gets in, and how.
Three access types at a glance
|
Access type |
Login |
Where it works |
Typical person |
|---|---|---|---|
|
1. Sales Point user with real email |
Username (email) + password, optionally PIN or digital key |
Sales Point and Manager (with the "Manager Access" permission) |
Owner, executive management, branch manager |
|
2. Sales Point user with placeholder email |
PIN code or digital key only |
Sales Point only (local; no Manager) |
Service staff, cashier, temporary helper, kiosk |
|
3. Tax-advisor / partner access |
Dedicated partner access |
Manager only, read-only (reports, data export, accounting accounts) |
Tax advisor, accountant |
Creating, renaming, and deleting users is performed by bessa Support — see Users. PIN codes, digital keys, roles, and Sales Point assignments are something you maintain yourself in the Manager.
Access type 1 — Sales Point user with a real email address
With a real email address, the user can sign in using username (email) and password — both at the Sales Point and in the bessa Manager (the latter as long as the "Manager Access" permission is granted; see What is the user allowed to do?). PIN and digital key still work in parallel for fast user switching at the Sales Point.
When does this make sense? For everyone who needs to work in the Manager — owners, executive management, branch managers, marketing, accounting prep. Also for anyone who should be able to reset their own password.
Recommendation: shared email address instead of a personal one
For Manager logins use a shared email address like pos@customerdomain.com or office@customerdomain.com — not a personal address like daniel@customerdomain.com.
Why? When the owner of a personal email is unreachable (vacation, illness, staff turnover) and the password needs to be reset, on-site staff is stuck — operations grind to a halt. An address that several people can read enables password reset and login even in an emergency.
Changing the email address later
The email address is permanently tied to the login token and can only be changed by bessa Support. Changing it logs the user out of every Sales Point they are currently signed in to — anyone in active operation has to sign in again.
The takeaway: choose the email deliberately when you first add the user. Better to set up a shared office address from the start than to migrate it later.
→ Operational creation and editing: Users
Access type 2 — Sales Point user with a placeholder email (local access)
Not every member of service staff has their own work email address. In that case, bessa assigns a placeholder email in the form <random-uuid>@<domain>.<tld>. The address is technically unique, but unreachable — and that is exactly the point:
-
No password can be set (there is no inbox to receive reset mail).
-
No username + password login — neither at the Sales Point nor in the Manager.
-
But: Local sign-in at the Sales Point still works, via PIN code (4 digits) or digital key (magnetic lock).
When does this make sense? For anyone who only orders at the Sales Point and does not need access to the Manager — service, counter, temporary helpers, self-service kiosks.
PIN codes should be unique within your business. If two users share a PIN, the Sales Point signs in the first match — the system does not enforce uniqueness. Detail troubleshooting: Users.
→ Maintain PIN and digital-key fields: Users
Access type 3 — Tax-advisor / partner access
Your tax advisor or accountant does not receive a Sales Point user and not a user role, but a separate partner access. This is a deliberate architectural choice: client separation, read-only access, separate legal agreement.
What partner access can do:
-
View reports
-
Export data (DSFinV-K export, accounting data packages)
-
Map accounting accounts to article groups and tax rates
-
Contact support
What it cannot do: order at the Sales Point, change master data, set up Sales Points, create users — no write access to operations at all.
Request the partner access through bessa Support or your bessa POS dealer — it is not created under "Master Data → Users". The legal framework is governed by a separate agreement; see Data Access Agreement for Tax Advisors and Accountants.
Where is the user allowed to work? — Sales Point and Sub-Terminal assignment
Every Sales Point user has to be explicitly assigned to the Sales Points (Main Sales Points) and Sub-Terminals they are allowed to sign in to. Without that assignment, the user simply does not show up on the Sales Point's login screen.
This is a structural decision per person, not a downstream detail step: in multi-location setups (see Configurations 3 and 4 in Structure your bessa account) you decide per employee at which locations they appear. A temporary helper for branch A is therefore only assigned the Sales Points of branch A, not those of branch B.
→ Details: Manage Sales Point Users
What is the user allowed to do? — Roles and permissions {#roles}
Permissions are not maintained directly on a user; they are managed via user roles. A user can have multiple roles at the same time, and the permissions are merged. An important rule: denials take precedence over permissions — if one role allows a function and another blocks it, the function is blocked.
Manager Access — the invisible prerequisite. The "Manager Access" permission decides whether a user is allowed to sign in to the bessa Manager at all — in addition to the real email address. A service-staff user with a real email but without this permission cannot sign in to the Manager, only to the Sales Point.
Four typical role profiles
These profiles have proven to be good starting points in practice. For each profile we also note which access type typically fits.
Manager / Business Owner
Purpose: Full access to all functions. Permissions: All permissions enabled, including all Manager permissions. Typical access type: Real (preferably shared) email, e.g. office@customerdomain.com.
Suitable for executive management, branch managers, or managers who need unrestricted access to all Sales Point functions, reports, settings, and the bessa Manager.
Service Staff / Waiter
Purpose: Table service without administrative functions. Typical permissions:
-
Tables (all table permissions)
-
Order at Table
-
Pay Table
-
Pay with Cash
-
Pay with Card
-
Pay with Bank Transfer
-
Reports (own reports only)
Blocked:
-
Cancel (Cancel Table)
-
Manage Shift Closures
-
Manage Fiscalization
-
Manager Access
-
Internal Payment
-
Settings
Typical access type: Placeholder email; sign-in via PIN or digital key.
Enables serving guests at tables and billing them, while preventing cancellations and administrative interventions.
Self-Service Kiosk
Purpose: Automatic kiosk mode for self-service. Permissions: Only "Kiosk Mode" enabled. Typical access type: Placeholder email; fixed login on a dedicated terminal.
When switching to a user with this role, the Sales Point automatically enters locked kiosk mode — appropriate for self-service terminals without staff operation.
Warehouse Manager
Purpose: Exclusively warehouse management without Sales Point functions. Permissions: Only "Warehouse Management" enabled. Typical access type: Either — real email if the person also works in the Manager, otherwise placeholder email with PIN.
Lets employees maintain inventory without access to sales or Sales Point functions.
→ Full permissions list and operational role creation: User Roles and Permissions Management
Which access type for whom? — Decision aid
-
This person uses the Manager? → Real email + "Manager Access" permission. Use a shared address (
office@…,pos@…) so the password is reachable in an emergency. -
This person works only at the Sales Point? → Placeholder email; sign-in via PIN code or digital key.
-
This person is my tax advisor or accountant? → Request a partner access via bessa Support or your bessa POS dealer — do not create them as a user.
-
This person works only at one specific Sales Point or location? → Restrict the assignment in the "Sales Points" tab accordingly.
Frequently asked questions
What is this cryptic email address <uuid>@… that bessa suggests for my service staff? A placeholder address used when no real email is available. It keeps the user uniquely identifiable in the system but allows only local sign-in at the Sales Point (PIN, digital key) — no password, no Manager.
Can I change a user's email later? Only via bessa Support, because the email is bound to the login token. A change logs the user out of every Sales Point. That is why settling the email choice deliberately at the start pays off.
Should I use my personal email for my owner login? Recommendation: no. Use a shared address like pos@customerdomain.com or office@customerdomain.com so on-site staff can reach the password reset in an emergency.
Is a real email enough to let someone sign in to the Manager? No — at least one of the assigned roles also has to grant the "Manager Access" permission.
My tax advisor has no access — where do I add them? Not under "Master Data → Users". Tax advisors and accountants get a dedicated partner access via bessa Support or your bessa POS dealer.
Can I create or delete users myself? No — adding and removing users is handled by bessa Support. Once the user exists, you maintain PIN, digital key, roles, and Sales Point assignments yourself.