Opencart user, permissions, user group management and API users

To manage the Opencart admin section, opencart can have multiple users with different users group and each user group can have different permissions for the management of Opencart stores. The powerful user group is the Administrator by default but you can change it as per your requirement. For users, user groups and permissions management, go to Admin >> System >> Users where you will see as below in left menu:

User menu

First, go to Admin >> System >> Users >> User Groups, where you can see Administrator and Demonstration, edit Administrator and you will see like below:

Administrator user

As the Administrator is a superuser, everything is checked. Be sure to for whom you are making the Administrator user.

There are two permissions: Access Permission and Modify Permission. WIth Access permission, the user can see the page which is checked. With Modify permission, the user can edit the section which is checked.

How to identify the page for permission in Opencart?

In Access permission and Modify the permission on the right side you see the checkbox which are the parts of the URL and are the route of the page. Like:


In the above URL after the route= you see catalog/category which is the one you will see on the right side of the access and modify permission. So you can now find your URL and decide how to give permissions to the User groups.

Now let’s take some examples of how we can manage the users, their roles which are user group and permissions.

user groups, permission and users opencart

In the above image example, there are three User groups: Administration, Demonstration and Product manager. For the Administration, all are checked for both Access permission and modify permission as they are the superuser. For Demonstration, only access permission is checked as they can demonstrate reports and analyze it that is why to modify permission is not given. For a product manager, their role is to edit the products and add the products that are why they are given permission for some of the Access permission and some of the modify permissions like the catalog/product, catalog/category, etc.

Once user groups are set up now we can add the user. To manage the user go to Admin >> System >> Users >> Users

Add users opencart

From this user listing page, you can add, delete and edit the user. Let’s add a user, for that click the blue button at the top right corner and you will see a form like below:

User management

Enter the details like username, select User Group, first name, last name, email, image, password, confirm and status. Then click Save and the user is added.

Now, let’s learn about the Opencart API user, go to Admin >> System >> Users >> API and click the blue button to add the API user, you will see the form like below:

Opencart API users management

Enter the API username, and click the Generate button to generate the API key automatically, and click status to enabled. Then click the IP Addresses where you need to enter the IP addresses of your server which will be accessing your API.

Opencart API IP addresses

Then you can click the save button. In the Session tab, you can see the token, IP and date when the API is called or accessed like below image:

Opencart API users sessions

To use the opencart API and manage the API users you can watch this video where we defined the Opencart API:

For Opencart API detail you can check the following blog posts:

In this way, we can manage the users, user groups, access permission, modify permission, and API users in the Opencart. Please don’t forget to post your questions or comments so that we can add extra topics. You can follow us at our twitter account @rupaknpl and subscribe to our YouTube channel for opencart tutorials. Happy learning.

Previous articleHow to setup Cloudflare easily for eCommerce websites like Opencart?
Next articleHow to show multiple Store Locations in contact us page of Opencart?


  1. Hi. Thanks for help.. I need that user see only they own products.. I create a custon field em DB called user_id_custon and inside admin page I want this user see only your products.. I think that I can put a code on “route=catalog/product” to filter whats he can see but I cannot find the file .. can you help? any idea ? thanks


Please enter your comment!
Please enter your name here