Home/ Docs/ User Roles & Access Control/ How are users scoped by country or vendor?
User Roles & Access Control

How are users scoped by country or vendor?

Individual user accounts can be scoped to a specific country or vendor. A user record can carry a country association (used for the Country Manager experience and country-scoped reporting) and/or a vendor association (used so a vendor's staff see only that vendor's branch, orders, and data). Combined with role-based permissions, this scoping is what lets one platform safely host many vendors…

Individual user accounts can be scoped to a specific country or vendor. A user record can carry a country association (used for the Country Manager experience and country-scoped reporting) and/or a vendor association (used so a vendor's staff see only that vendor's branch, orders, and data). Combined with role-based permissions, this scoping is what lets one platform safely host many vendors and many countries: a vendor operator with the Vendor role *and* a vendor scope sees only their own operation, while a country manager sees only their country. Scope narrows *which data* a role applies to; permissions decide *what actions* are allowed on it.