Fareclock provides a robust permission system that allows organizations to assign specific access levels to administrators based on their roles. Through the Admin Console, you can define what each admin can view or manage—ranging from user profiles, schedules, and time cards to reports and system settings.

This level of control ensures secure access to sensitive data, supports accountability, and streamlines operational workflows. By tailoring permissions to individual responsibilities, organizations can maintain system integrity while empowering admins to perform their tasks efficiently.

To learn more about the differences between these roles, please refer to this help article.

When a worker’s role is updated to Admin, a “Permissions” section will appear under their user profile. From there, you can customize the specific access rights assigned to that admin.

Note that Account Owners automatically have full access to all permissions and settings within the system.

• Manage billing - Only users with the Account Owner role are automatically granted permission to manage billing.
• Edit workers - The permission to edit workers also includes the ability to add punch photos to a user's face model, as well as access to user data and face training on the time clock device.
• Edit devices - Manage and update device settings.
• Edit punch attributes - This permission allows the administrator to view punches and modify punch details such as job costing and notes. It also enables approval of flagged punches. However, adding new punches or editing punch times requires the additional "Edit punch times" permission.
• Manage payroll - Grants access to view, generate, and export payroll reports for processing worker compensation.
• Setup clocks - Allows the administrator to configure and manage time clock devices.
• Edit organization settings - Grants permission to edit organization-wide settings, including defaults, API access, company information, departments, payroll, and shift configurations.
• User sensitive - Grants access to sensitive user information, including viewing and editing Compensation, Identification, Work History, and Pay Class details. Also allows deleting employees and viewing wage totals in reports.

You can choose which fields contain private or sensitive user information.

• For built-in fields, go to Settings > Users > Defaults to mark them as user-sensitive.
• For custom fields, you can check the User Sensitive box when creating or editing the field.

This helps protect personal data by limiting who can view or change it.

• Edit jobs - Manage and update job settings.
• Manage clock logs - This permission allows the user to view and approve clock logs, which may affect the associated punches. Approving clock logs can update the employee’s face model if photos are included. It also grants access to the Geo Mapping feature. This permission does not permit editing or adding punch times.
• Manage time off - Allows the user to manage employee time-off requests, approvals, and related settings.
• View audit logs - Grants access to view detailed records of system activities and user actions for compliance and monitoring purposes.
• Edit own information - This permission allows the user to edit their own employee information and punches, provided they also have the Edit Employees and Edit Punches permissions.
• Edit administrators - This permission grants the ability to view and edit user details but does not include access to administrator punches, which is controlled separately by the Edit Punches permission. To edit administrators, you must also have the Edit Workers permission. Note that only account owners can edit other account owners.
• Edit punch times - Allows the user to modify the time entries of punches, including clock-in and clock-out times.
• Manage attendance - Grants the ability to monitor and manage employee attendance, including tracking shift compliance and handling attendance-related settings.
• Manage schedule - Allows the user to create, edit, and manage employee work schedules.
• View reports - Grants the user permission to access and view various reports within the system.

Admin Pin Permissions

Admin PIN Permissions control access levels for administrators using PIN authentication. These settings help secure key functions by assigning specific rights based on the admin’s role and responsibilities. To learn more about how to use or switch to Admin PIN, please refer to the article on switching to Admin PIN.

Step 1: Go to the Fareclock Admin Console and go to Settings. Under ‘Settings’ find and click ‘Devices’.

Step 2: Select the device you want to edit the settings.

Step 3: After selecting the device, you will find a settings option underneath where you can locate 'Security Settings'.

• View workers - If enabled, the administrator PIN above will grant the user access to the worker list in the app. If not enabled, the administrator must log in with their email and password to gain access.
• Add punches - Grants permission to manually add punches for workers in the application.
• Add workers - Grants permission to create and add new worker profiles to the application.
• View worker pins - Allows the administrator to view worker PINs within the application.
• Enroll worker faces - Grants the administrator permission to enroll and manage worker face data within the application.
• View worker reports - Allows the administrator to access and view individual worker reports within the application.

Using the user fields under Device Admin PIN permissions, administrators can control which organizational units, departments, user labels, workers, and nationalities are visible on the device when accessed with an Admin PIN.