One of the questions we hear most from new users is: "How do I set it up so the youth pastor can see youth ministry data but not the whole church's finances?" The answer is roles and permissions โ and it is more straightforward than it sounds.
The Basics: What Are Roles?
A role is a named collection of permissions. Instead of assigning permissions to each user one by one, you create a role (e.g., "Ministry Leader") with the right permissions, then assign that role to all ministry leaders. When you need to change what ministry leaders can access, you change the role once โ not every user.
Built-In Roles
StewardTrack comes with several built-in roles that cover most church structures:
- Tenant Admin โ Full access to everything
- Finance Officer โ Full access to financial modules; limited access to membership
- Secretary โ Full membership access; read-only finance
- Ministry Leader โ Access to their assigned ministry's events, schedules, and members
- Volunteer โ Limited access: view their own schedule assignments and submit availability
Creating Custom Roles
If the built-in roles do not fit your structure, create a custom role. Go to Administration โ Roles & Permissions, click New Role, and select the specific permissions you want to grant. For example, a "Finance Committee Member" role might have read-only access to financial reports but no ability to enter transactions.
The Audit Trail
Every change made in StewardTrack is logged in the audit trail โ who did what, and when. This is especially important for financial data. If a transaction is changed or deleted, you can see exactly who did it and at what time. The audit trail cannot be edited or deleted by any user, including admins.
Practical Tips
- Do not give everyone admin access just because it is easier โ it is a security risk
- Review access at the start of each year โ people's roles change, and their system access should too
- Use the audit trail in finance disputes to reconstruct exactly what happened
Proper access control is not just about security. It is about trust. When your treasurer knows that only authorized people can see or change financial data, they can do their job with confidence.
