Canopy Accounts & Permissions

Canopy has introduced a new section under Access > Canopy Accounts that simplifies user management for privileged users within an organization. This feature allows administrators and designated users the ability to oversee and manage account access efficiently.

What is the Canopy Accounts Section?

The Canopy Accounts section is a dedicated space for privileged users to manage the users associated with their organization. This enhancement exposes user administration, making it easier to add/edit/deactivate users, update permissions, and ensure compliance with organizational policies.

Who Can Access Canopy Accounts?

Access to this section is limited to privileged users—such as administrators or designated managers—who are responsible for maintaining security for the organization. A privileged user will have the Access permission selected for the current organization. If a user does not have the Access permission selected for their account and navigates to the Access section of Canopy, they will be presented with an unauthorized message. 

Adding a New Canopy Account

The Canopy Accounts section allows administrators to add new users to their organization with the appropriate permissions. 

How to Add a New User

1. Navigate to Canopy Accounts
   • Go to Access > Canopy Accounts in Canopy.
   • Click the blue [ + ] to begin the process.
2. Enter User Details
   • Provide the user’s first name, last name, email address and any other required details.
   • Assign initial permissions based on their role in the organization.
3. Confirm & Save
   • Review the user details and assigned permissions.
   • Click Save to finalize the addition.

If the user does not exist in the ecosystem, they will receive an invitation email prompting them to create a password and set up their account.

If the user already has an account in another organization, they will be granted permissions within the current organization without needing to set up a new account.

How Permissions Work

Each permission section represents a functional area within Canopy. Users can be granted access to separate sections, depending on their responsibilities.

Each section (e.g., Menus, Orders, Status, Reports & Exports, Loyalty, Devices, Suites, and Access) represents a different aspect of the system that a user can interact with.

Under each section, there are venue-specific permissions that allow granular control. This means that access can be tailored to individual venues within an organization.

Granting Permissions

To grant a user access:

1. Select a User – Navigate to Access > Canopy Accounts and click on an account.
2. Open Permissions – Click the Select Permissions section to open a new side sheet.
3. Identify Permissions – Identify the relevant section of Canopy the user needs access to.
4. Choose the Venue(s) – Under each category, check the specific venue(s) the user should have access to, or select the section to apply all current venues.
5. Save Changes – Once permissions are assigned, click Save and then Save on the account to apply updates.

Note: If the modified user is currently logged in, the permission updates will go into effect within two hours. Permissions can be forced by having the user log out and log back into Canopy.

Canopy Account Statuses

When managing users in Canopy Accounts, each account is assigned a status that indicates its current accessibility within the system. There are three main statuses:

🟢 Active

An Active user has full access to Canopy based on the permissions assigned to them.

What This Means:

✅ The user has successfully accepted their invitation (if they were newly added).

✅ They have a working account and can log in.

✅ Their permissions define what areas they can access.

When You’ll See This Status:

• The user has set up their account and is actively using Canopy.
• An administrator has reactivated a previously deactivated user.

🟡 Invitation Pending

A user is in Invitation Pending status when they have been invited but have not yet completed account setup.

What This Means:

⚠️ The user has received an email invitation but has not created a password or logged in yet.

⚠️ They do not have access until they accept the invitation and set up their account.

When You’ll See This Status:

• A new user was added but hasn’t completed the registration process.
• The invitation email may have been missed or is still in their inbox.

What to Do If a User Stays in This Status Too Long:

• Resend the invitation email from the Canopy Accounts section.
• Ensure they check their spam/junk folder.

🔴 Inactive

An Inactive user can no longer access Canopy but remains in the system for record-keeping.

What This Means:

⛔ The user cannot log in and no longer has permissions.

⛔ Their data and activity history are preserved for administrative purposes.

⛔ They can be reactivated if needed.

When You’ll See This Status:

• An admin manually deactivated the user.
• The user no longer requires access to the organization.

How to Reactivate an Inactive User:

• Navigate to Canopy Accounts and locate the user.
• Click Reactivate, then assign the appropriate permissions.

What Happens When a User is Inactive?

🚫 Deactivation is Global

• If a user is deactivated in one organization, their account is completely deactivated across all organizations in the current ecosystem.
• They will lose access to every organization they were previously granted permissions in.

🔐 No Selective Deactivation

• There is no option to deactivate a user only in a single organization while keeping access to others.

• If a user should lose access to just one organization, please reach out to venuesupport@shift4.com for assistance.

Need Help? We’re Here for You!

For assistance with SkyTab Venue, reach out to our support team:

• 📞 Phone: 877.559.4225
• 📧 Email: venuesupport@shift4.com

Our support team is available to help with any questions or issues you may have.

📢 System Status: Stay updated on service availability and incidents by visiting our Status Page.