Table of Contents

  1. Introduction

  2. Why Restrict Sales Access to Their Own Clients?

  3. Understanding How Dolibarr Manages Client Data

  4. Overview of User Rights in the Third Party Module

  5. Preparing Your Dolibarr Installation for Segmentation

  6. Step 1: Assign Sales Reps to Third Parties

  7. Step 2: Configure User Rights to View Only Assigned Clients

  8. Step 3: Testing User Isolation and Restrictions

  9. Using the "Linked User" Field Efficiently

  10. Optional: Setting Up Custom Filters or Dashboards

  11. Avoiding Common Pitfalls in Configuration

  12. Advanced: Automating Assignment of Third Parties

  13. Optional: Restricting Data in Other Modules (Invoices, Orders)

  14. Customizing the Interface for Sales Reps

  15. Maintaining Data Segregation After Imports

  16. Role of Groups vs. Individual User Settings

  17. Handling Exceptions and Supervisor Access

  18. Using External Modules or Patches (Free Options)

  19. Security Considerations for Client Data

  20. Conclusion: Balancing Simplicity and Security

1. Introduction

In many companies using Dolibarr ERP/CRM, multiple sales representatives operate in parallel. To protect customer data and ensure operational clarity, it's essential to configure Dolibarr so that each sales rep sees only the third parties (clients/prospects) assigned to them. This guide explains how to achieve this cleanly using Dolibarr's built-in features.

2. Why Restrict Sales Access to Their Own Clients?

  • Prevent data leaks and conflicts

  • Clarify ownership and responsibilities

  • Increase focus and productivity per sales agent

  • Meet GDPR and data minimization requirements

3. Understanding How Dolibarr Manages Client Data

Dolibarr uses the "Third Party" module to manage clients, suppliers, and prospects. Each record can be linked to a user via the "Sales representative" field (fk_user).

4. Overview of User Rights in the Third Party Module

Permissions related to clients include:

  • View all third parties

  • View third parties assigned to the user

  • Create/update third parties

  • Delete third parties

Make sure the proper combination is used.

5. Preparing Your Dolibarr Installation for Segmentation

  • Ensure the Third Party module is active

  • Disable the right "Read all third parties" for sales users

  • Enable the right "Read third parties linked to user"

6. Step 1: Assign Sales Reps to Third Parties

Each third party should be assigned to a specific user:

  • Go to Third Party > Select a Client

  • Edit the record > Choose the "Sales Representative"

  • Save

You can automate this via imports or external API scripts.

7. Step 2: Configure User Rights to View Only Assigned Clients

Navigate to:

  • Home > Users & Groups > Permissions

  • Remove: "Read all third parties"

  • Add: "Read third parties assigned to user"

Optionally add:

  • "Create third party"

  • "Edit assigned third parties"

8. Step 3: Testing User Isolation and Restrictions

Log in with a sales user and verify:

  • Only their clients appear in the list

  • Other clients are inaccessible

  • Linked documents (invoices, orders) are also filtered

9. Using the "Linked User" Field Efficiently

Use this field not only for visibility, but also for:

  • Reporting and statistics

  • Filtering invoices/orders per sales user

10. Optional: Setting Up Custom Filters or Dashboards

Create bookmarks or dashboard widgets that filter only "My clients":

  • Use the advanced search panel in Third Party list

  • Save filter as default view for the user

11. Avoiding Common Pitfalls in Configuration

  • Do not assign both "Read all" and "Read own" rights simultaneously

  • Ensure all third parties have the correct user assigned

  • Recheck permissions after updates or migrations

12. Advanced: Automating Assignment of Third Parties

Via import tools or REST API:

  • Include fk_user in CSV imports

  • Use batch scripts to update clients after territory changes

13. Optional: Restricting Data in Other Modules (Invoices, Orders)

Invoice visibility depends on third party rights:

  • If a user can't see the third party, they can't see its invoices

  • You may also restrict access using the same principles for projects, tasks, and shipments

14. Customizing the Interface for Sales Reps

  • Hide unused modules in menu setup

  • Simplify the navigation panel to focus on Sales, Third Parties, Orders, and Invoices

15. Maintaining Data Segregation After Imports

When importing new clients:

  • Assign them to a user from the start

  • Avoid importing without fk_user, as it will default to admin or none

16. Role of Groups vs. Individual User Settings

Groups help scale rights quickly:

  • Create a "Sales Rep" group with standard rights

  • Assign new users to this group for consistency

17. Handling Exceptions and Supervisor Access

Managers or sales directors:

  • May have "Read all third parties" rights

  • Combine with groups like "Supervision" or "Territory Leads"

18. Using External Modules or Patches (Free Options)

Some Dolistore modules extend this feature:

  • User Access by Region or Territory

  • Advanced CRM Views with Filtering

Always test compatibility with your Dolibarr version.

19. Security Considerations for Client Data

  • Always use HTTPS

  • Enable audit logs

  • Train users not to export or share sensitive lists externally

20. Conclusion: Balancing Simplicity and Security

With thoughtful configuration, Dolibarr allows you to restrict sales reps to their assigned clients using only the core ERP functionality. The benefits include enhanced security, better user experience, and compliance with data governance standards. Maintain this setup with regular audits, onboarding routines, and training, and your CRM data will remain both safe and effective.