Skip to main content

Security & User Access Levels

Security & User Access Levels

FastBound in CloudFFL uses a role-based security system with three access levels. Each level controls what a user can see and do within the FastBound menus. Assigning the right level to each employee protects your compliance data and API credentials.

The Three Security Groups

GroupWho Should Have ItWhat They Can Do
FastBound User
fastbound_user		 Counter staff, sales associates
  • View compliance records (serial numbers, acquisitions, dispositions)
  • Create acquisitions when receiving firearms
  • Create dispositions when selling firearms
  • Run basic compliance reports
FastBound Manager
fastbound_manager		 Store managers, lead staff
  • Everything a User can do, plus:
  • Pull 4473 orders into POS
  • Import compliance products
  • Manage trade credits and customer credit transactions
FastBound Admin
fastbound_admin		 Store owner, IT administrator
  • Everything a Manager can do, plus:
  • Configure FastBound API credentials (API Key, Account ID)
  • Manage webhook settings and view webhook history
  • Edit all FastBound configuration settings
  • Activate or deactivate FastBound accounts

How to Assign a Security Group to a User

  1. Navigate to Settings → Users & Companies → Users
  2. Select the user you want to update
  3. Scroll down to the FastBound section (or look for a FastBound tab)
  4. Choose the appropriate group: User, Manager, or Admin
  5. Click Save

Important: API credentials (your FastBound API Key and Account ID) are only visible to users in the FastBound Admin group. Do not assign Admin access to employees who do not need to manage the FastBound connection. If your API key is exposed or misused, your compliance data could be compromised.

Audit Trail

Every action taken in the FastBound module is logged with the user name and timestamp. This means you can always trace back who created an acquisition, who processed a disposition, or who changed a configuration setting. This audit trail is critical for:

  • Internal accountability — Know exactly who did what and when
  • ATF inspections — Demonstrate that your shop maintains proper controls
  • Error investigation — If a record is incorrect, you can identify who entered it and when

Tip: As a best practice, every employee who handles firearms should have their own Odoo login with the appropriate FastBound security group. Do not share login credentials between employees — shared accounts make it impossible to trace who did what.

Back to top