How Booksmor handles multiple businesses under one login, team members with different access levels, and giving your CA secure access to your books.
Multiple companies under one login
Many SMBs run more than one business — a trading company plus a manufacturing arm, a parent shop plus a side venture, a family with multiple firms under different proprietors. Booksmor supports this natively:
- One Booksmor account = one login (your email + password).
- Under that login, you can have as many companies as your plan supports.
- Each company has its own books, its own GSTIN, its own Chart of Accounts, its own staff, its own data — fully isolated.
- After signing in, you pick the company you want to work on from the Choose a company screen.
- Switch companies any time via the sidebar — Setup → Switch company.
Per-company password lock
For extra security on sensitive companies, set a company-specific password lock. When anyone (including you) clicks into that company, Booksmor prompts for the lock password before opening.
Set it from inside the company: Setup → Settings → Company lock.
Multi-company is plan-gated
The base plan includes one company. Additional companies are gated to specific plans / add-ons — most SMBs running multiple companies are on partner or extended plans. Check Setup → Subscription to see if you can add more.
If multi-company is your day-1 need, talk to us at sales@booksmor.com — there’s often a sensible structure for your situation.
Team members & roles
No per-user fees. Invite anyone you trust to work on the books — your accountant, your manager, your cashier, your CA.
How to invite
- From inside the company, Setup → Team.
- Click Invite member.
- Enter their email + pick a role.
- Optionally set a temporary password (Booksmor auto-generates a 12-character policy-compliant one if you don’t).
- Click Invite.
The invitee gets an email with the temporary password. On first login, they’re forced to set their own password. They then see your company in their Choose a company list and can open it.
The nine pre-built roles
Booksmor seeds these roles for every company, with sensible defaults:
| Role | Typical user | What they can do |
|---|---|---|
| Owner | You | Everything. Manage other users. Delete the company. |
| Manager | Operations / GM | Everything except billing + user management. |
| Accountant | In-house accountant or CA | All vouchers, all reports, GST prep + file. |
| Cashier | Counter staff | Create + post receipts and payments. View customers / vendors. No financial reports. |
| Auditor | External auditor | Read-only across everything. Cannot edit / post / delete. |
| Salesperson | Sales staff | Create + post sales invoices, manage customers. No purchase / financial access. |
| Store Keeper | Stock-room staff | Manage products, stock, delivery challans. View purchases / sales. |
| Production Store | Production team | Manufacturing module access (BOM, issue, receipt). View products + stock. |
| HR | HR / payroll staff | Payroll module access (employees, pay runs, statutory). No financial / sales access. |
Per-feature granular permissions
If a pre-built role isn’t quite right, customise it. Setup → Team → Roles opens a matrix:
- Rows: every feature / voucher type / report.
- Columns: read / create / post (for vouchers); view (for reports).
Tick / untick to fine-tune. Granular permissions include:
- Per-voucher-type (sales / purchase / receipt / payment / journal / credit_note / debit_note × read / create / post).
- Per-report (
report.pnl,report.balance_sheet,report.sales_register, etc.). - Module-level toggles (payroll.read, payroll.write, payroll.disburse).
- Period locking (
period.lock— for closing past periods). - Bank import, GST prepare / file, etc.
A role with the coarse voucher.read permission implicitly gets every voucher.<type>.read — you don’t need to tick each one individually.
Owner-uniqueness guard
You can’t demote or revoke the last Owner. There must always be at least one. If you want to transfer ownership to someone else, promote them to Owner first, then demote yourself.
CA / Accountant access
For Indian SMBs, your CA is often your most-important external collaborator. Booksmor supports two ways to give them access:
Option 1 — Invite as a team member (the simple way)
If your CA only works on your books, invite them like any other team member with the Accountant role (or a customised one).
- Use Setup → Team → Invite member.
- They get a login to your company, sign in, and work alongside you.
This is the default for in-house accountants, freelance bookkeepers, and small CAs who don’t need a dedicated portal.
Option 2 — Link via CAID (the Partner Portal way)
If your CA is part of a CA firm with multiple clients on Booksmor, they probably have a CAID (CA-Identifier) from registering as a Partner. Linking via CAID gives them access through their Partner Portal — they see all their clients in one dashboard.
How to link:
- Ask your CA for their CAID — looks like “CA-1A2B-3C4D”.
- In your company, Setup → Settings → Accountant access.
- Enter their CAID and click Find.
- Booksmor shows their firm name. Pick an Access level:
- View only — read everything, change nothing.
- Prepare — bookkeeping + reports, no GST filing.
- Manage — prepare + file + edit masters.
- Click Confirm & link.
Your CA now sees your company in their Partner Portal. The access level you chose maps to a pre-built “CA” role that you can further customise from Team → Roles → CA if needed.
You can revoke access any time — same screen, Remove accountant.
Why two options?
| Option | Best when |
|---|---|
| Team member | Your CA only works for you, or wants a simple individual login |
| CAID link | Your CA has many clients on Booksmor and uses the Partner Portal to manage them |
You can switch between them — remove the team-member invite and re-link via CAID, or vice versa.
Audit log
Every meaningful action — invoice posted, voucher amended/deleted with reason, team member invited/role changed, CA linked, password changed, GST return filed — gets recorded in an immutable audit log.
- Reviewable by Owner role from inside the app.
- Includes who did it, when, and (for edits) the reason the actor provided.
- 90-day audit log of AI-chat inputs and outputs once the in-app chatbot is live.
The audit log helps with statutory audits, internal compliance, and the occasional “who deleted this voucher?” investigation.
Common questions
Can my team members access multiple companies under one login? Yes. If you invite the same email address to multiple companies (with potentially different roles in each), they sign in once and see all the companies they have access to in their Choose-a-company screen.
Can my CA work on multiple of my businesses? Yes — invite (or CAID-link) them to each company separately. They see all of them in their picker / portal.
Can the cashier see how much profit we’re making?
By default, no — the Cashier role doesn’t include financial-report permissions. If you’ve customised the role to grant report.financial.view, then yes. Use the per-feature permissions matrix to control this precisely.
What if a team member leaves? Setup → Team → Members → Revoke. Their access ends immediately; their session is invalidated. Their historical actions stay in the audit log under their old name/email.
Can I have a per-team-member spending limit? Not currently. Permissions are gate-style (can / can’t do an action), not limit-style. If you need amount caps, the workaround is to require a Senior reviewer for amounts above a threshold (manual workflow).
Can my CA see other clients’ data? Absolutely not. Tenant isolation is enforced at the database level (Row-Level Security on every tenant table). Even if your CA is linked to 50 clients, each click into one of them shows only that client’s data.
Is there a 2FA / MFA option for team members? Not currently. Strong password policy (9 chars min, mixed case, digit, special — enforced everywhere) is in place; MFA is on the roadmap.
Can a team member’s mobile number be used for login? Login is email + password only. Mobile-OTP login is on the roadmap.
What happens to a team member’s role if I delete the company? The membership is removed. The user keeps their Booksmor account; they just can’t access the deleted company anymore.
Can I temporarily pause a team member’s access without revoking? Not via a dedicated pause toggle. Workaround: change their role to Auditor (read-only) while they’re away.
In one sentence
One login, multiple companies, unlimited team members with 9 pre-built roles plus per-feature granular permissions, and a clean CA-link flow that handles both “my CA works only for me” and “my CA firm has 50 clients on Booksmor” — with strict data isolation between tenants.