Skip to main content

Security & User Access Levels

Security & User Access Levels

FastBound in CloudFFL uses a role-based security system with three access levels. Each level controls what a user can see and do within the FastBound menus. Assigning the right level to each employee protects your compliance data and API credentials.

The Three Security Groups

GroupWho Should Have ItWhat They Can Do
FastBound User
fastbound_user		 Counter staff, sales associates
  • View compliance records (serial numbers, acquisitions, dispositions)
  • CreateRead-only acquisitionsaccess whento receivingFastBound firearms
data Create dispositionsusers whencannot sellingcreate firearmsor modify acquisitions, dispositions, or other compliance records Run basic compliance reports
FastBound Manager
fastbound_manager		 Store managers, lead staff
  • Everything a User can do, plus:
  • Create and manage acquisitions and dispositions
Pull 4473 orders into POS Import compliance products Manage trade credits and customer credit transactions View webhook history
FastBound AdminAdministrator
fastbound_admin		 Store owner, IT administrator
  • Everything a Manager can do, plus:
  • Configure FastBound API credentials (API Key, Account ID)
  • Manage webhook settings and view webhook history
  • Edit all FastBound configuration settings
  • Activate or deactivate FastBound accounts

How to Assign a Security Group to a User

  1. Navigate to Settings → Users & Companies → Users
  2. Select the user you want to update
  3. Scroll down to the FastBound section (or look for a FastBound tab)
  4. Choose the appropriate group: User, Manager, or AdminAdministrator
  5. Click Save

Important: API credentials (your FastBound API Key and Account ID) are only visible to users in the FastBound Admin/ Administrator group. Do not assign AdminAdministrator access to employees who do not need to manage the FastBound connection. If your API key is exposed or misused, your compliance data could be compromised.

Audit Trail

EveryKey actionrecords takenand inconfiguration thechanges FastBoundare module is loggedtracked with the user name and timestamp. through Odoo's built-in tracking system. This means you can always trace back who created an acquisition, who processed a disposition, or who changed a configuration setting. This audit trail is critical for:

  • Internal accountability — Know exactly who did what and when
  • ATF inspections — Demonstrate that your shop maintains proper controls
  • Error investigation — If a record is incorrect, you can identify who entered it and when

Tip: As a best practice, every employee who handles firearms should have their own Odoo login with the appropriate FastBound security group. Do not share login credentials between employees — shared accounts make it impossible to trace who did what.

Back to top