Authentication & roles

The authentication and roles module of Winkel Factuur ensures that every team member has exactly the permissions they need and nothing more. We combine modern identity standards, audit logging and European privacy legislation so your marketplaces remain secure.

Summary

  • Zero-trust security model with fine-grained role-based access control for marketplace teams.
  • Audit logging of all user actions including invoice creation, credit notes, and API key changes, retained for seven years.
  • Supports Single Sign-On via SAML or OIDC and IP-based session restrictions.
  • Granular permissions per store and platform, from owner-level access to read-only document viewing.

Marketplace teams need secure, granular access control without compromising speed or compliance. Zero-trust authentication with role-based permissions, SSO support, and seven-year audit logging keeps teams secure and compliant.

Zero-trust for marketplaces

Winkel Factuur operates according to a zero-trust approach. Every action is validated via tokens and sessions that run on a secure layer. This allows you to deploy the module for bol.com, Amazon, Shopify and WooCommerce without having to set up separate security procedures. Roles are fine-grained: from owner and finance lead to support staff who can only view documents.
Invitations are sent via secure emails with time-limited links. As soon as a user accepts, all activities are logged. This allows your security or compliance team to always demonstrate who created which invoice, credit note or export.

Practice per platform

Bol.com accounts often require finance and customer service to work together. Winkel Factuur lets you give these teams permissions per store, including the ability to view or roll back uploads to the customer portal. Amazon Seller Central users can get access to settlement reports, while Shopify and WooCommerce teams, for example, only manage local stores.
When you connect a new marketplace or store, you get suggestions for default roles and warnings if a user gets too many permissions. This prevents sensitive data such as customer addresses or VAT numbers from being unnecessarily widely available.

EU privacy and audit trail

Winkel Factuur is designed with GDPR as the starting point. All access rights are traceable through an audit trail that is kept for seven years. You can see which user started an export, who corrected an invoice and when an API key was renewed. Our structured data principles ensure robust security and logging.
In addition, the module offers integration with Single Sign-On (optionally via SAML or OIDC) so that large organizations can authenticate via their existing identity systems. Sessions can be limited to specific IP ranges or time windows, which is especially useful for accountants who temporarily need access.

Frequently asked questions

What roles are available in Winkel Factuur?
Roles range from owner and finance lead to support staff with read-only document access. You can assign different roles per store for fine-grained control.

Does Winkel Factuur support Single Sign-On (SSO)?
Yes. You can integrate with your existing identity system via SAML or OIDC. Sessions can also be limited to specific IP ranges or time windows.

How long are audit logs retained?
All access rights and user actions are logged in an audit trail retained for seven years, meeting EU regulatory and compliance requirements.

Can I restrict user access to specific stores?
Yes. Permissions are configured per store and platform, so team members only see and manage the resources they need.