Roles in ApprovalMax (Xero)

Roles in ApprovalMax (Xero)

There are two types of roles in ApprovalMax: Organisation-based roles and Request-based roles.

A user in ApprovalMax can have one Organisation-based role and at the same time be assigned to several Request-based roles. In this case, the authorities of the roles will be extended.

Example, auditor who is assigned as an approver, will be able to make decision according to the rules set in the matrix. I.e. the combination of roles extends authorities.
Please see the detailed description of each role below.

Organisation-based roles

The Account Owner or an Administrator directly sets organisation-based roles in the User section of ApprovalMax. A User can only have one Organisation-based role.


  • Administrator: sets up workflows, assigns roles, manages connections, and invites users. An Administrator can be a Requester and/or an Approver. Administrators can see all requests within their organisation and can override decisions by forcing a rejection or forcing a final approval.
  • Account Owner: has the same rights as an Administrator but can also manage the subscription and add/delete organisations. This role is automatically assigned to the Account Owner and cannot be changed or given to a different user. (*)
  • Auditor: a read-only role which allows to better understand the approval workflow in operation, without the risk of accidentally changing, approving, or rejecting something.
  • User: the default role which is assigned to any user except Auditors and Administrators. Users can be a Requester and/or an Approver.
* The change of Account owner can be done only with the ownership transfer.

Request-based roles

Request-based roles are created from the configuration of the various workflows. Users can be Requester or Approver/Reviewer, and they can have even both roles at the same time. For a user the request-based roles can even change between different workflows, depending on the setup of the various approval workflows.

  • Approver: this role allows to make approval decisions (approve or reject), set up a Delegate, add other Approvers from their Organisation to the request as well as remove those that have previously been added. Approvers can only see those requests where they have to make a decision.
  • Default Approver: this role has the same authorities as Approver and can be added to a step if there are no Approvers with the rule “Always approves”.
  • Requester: this role allows to raise and change a request (Purchase order or Bill), add Approvers from their Organisation in any step of their request as well as remove those that have previously been added. Requesters can only see their own requests.
  • Reviewer: this role is assigned to an Approver and available only in the first step of Bill Creation, Review and Approval workflow and allows review and edit Bill without sending it back to Xero. For more details, please refer to an article How does Bill review/editing work?
For more information on who can access what in ApprovalMax please have a look at the article Who has access to approval requests.

    • Related Articles

    • Who has access to approval requests?

      The security logics in ApprovalMax restrict the access to approval requests. Any particular request can only be seen by: The Requester (the person who created the request) The Approvers who make an approval decision for the request The Organisation's ...
    • Who needs to have access to Xero?

      The person who connects ApprovalMax to Xero needs full access to the Xero file. Approvers who approve Bills, Purchase Orders, and other documents don't need access to Xero in order to approve documents in ApprovalMax — this is one of the core ...
    • Why do Suppliers not appear in ApprovalMax after their creation in Xero?

      Xero treats Contacts in a specific way: a Contact only qualifies as a Supplier when there is at least one Bill associated with this Contact. There are 3 ways of dealing with this: Use a simple workaround: create a fake Bill for the Contact and then ...
    • What happens if the Default Approver approves a request?

      The Default Approver is a person specified in the approval step to cover cases where no Approver has been assigned based on the rules in the approval matrix. Consequently, the Default Approver's approval does authorise the step. However, the ...
    • Roles in ApprovalMax (NetSuite)

      There are two types of roles in ApprovalMax: Organisation-based roles and request-based roles. Users in ApprovalMax can have one Organisation-based role and be assigned to several request-based roles at the same time. In this case, the respective ...