ERPNext security is mostly about correct permission design in Frappe: roles, role permissions, user permissions, and global security settings.
ERPNext role-based permissions define CRUD and workflow capabilities per DocType.
Best practice:
- create function-specific roles (finance approver, AP clerk, AR clerk)
- keep System Manager access extremely limited
- separate duties for entry, approval, and closing processes
Role permissions alone are broad. Use User Permissions to constrain access by company, territory, customer, supplier, etc.
For accounting/multi-company setups:
- enforce company-level isolation with User Permissions
- use strict permissions behavior when appropriate
- verify effective access with permission reports before go-live
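As an added illustration (not code from the ERPNext docs or from Frappe's own permission engine), the following simplified Python model shows how role permissions and User Permissions compose for one user and one document, including the empty-link edge case that the strict setting changes. Role names, users, companies and the helper functions are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class RolePerm:
    """One row of a DocType's role permission table (only read/write/submit modelled)."""
    doctype: str
    role: str
    read: bool = False
    write: bool = False
    submit: bool = False

@dataclass(frozen=True)
class UserPerm:
    """A User Permission: `user` may only touch documents whose `allow` link equals `for_value`."""
    user: str
    allow: str      # restricted link DocType, e.g. "Company"
    for_value: str  # the single allowed value, e.g. "Alpha Ltd"

def role_allows(role_perms, roles, doctype, ptype):
    # Role permissions are additive: any of the user's roles granting ptype is enough.
    return any(p.doctype == doctype and p.role in roles and getattr(p, ptype) for p in role_perms)

def user_perms_allow(user_perms, user, doc, link_fields, strict):
    # link_fields maps the DocType's link fields to their target DocType, e.g. {"company": "Company"}.
    for fieldname, linked_dt in link_fields.items():
        allowed = {up.for_value for up in user_perms if up.user == user and up.allow == linked_dt}
        if not allowed:
            continue  # no User Permission on that DocType for this user: unrestricted
        value = doc.get(fieldname)
        if not value:
            # Empty link field: non-strict mode lets the document through, while
            # "Apply Strict User Permissions" (System Settings) hides it.
            if strict:
                return False
            continue
        if value not in allowed:
            return False
    return True

def has_permission(user, roles, doctype, ptype, doc, role_perms, user_perms, link_fields, strict=False):
    """Effective access: the role table must grant ptype AND User Permissions must match the document."""
    return (role_allows(role_perms, roles, doctype, ptype)
            and user_perms_allow(user_perms, user, doc, link_fields, strict))

# Constructed sample: the AP clerk can read/write Purchase Invoices for one company only;
# submitting (posting) is reserved for the Finance Approver role (separation of duties).
ROLE_PERMS = [RolePerm("Purchase Invoice", "AP Clerk", read=True, write=True),
              RolePerm("Purchase Invoice", "Finance Approver", read=True, submit=True)]
USER_PERMS = [UserPerm("ap.clerk@example.com", "Company", "Alpha Ltd")]
LINK_FIELDS = {"company": "Company"}
```

Running the same checks against a real site with `frappe.has_permission` (per user, per company, with and without the strict setting) is the pre-go-live verification the list above calls for; the model only makes the expected outcomes explicit.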
3) Harden authentication and login behavior
Frappe supports password policy and login attempt controls.
- enforce strong password score
- set login-attempt lockout policy
- enable and audit third-party auth carefully (if used)
- remove dormant system users
4) Protect configuration and integrations
- review permissions for pages/reports, not only DocTypes
- restrict API integrations to dedicated users with least privilege
- store integration secrets outside plain-text runbooks
- audit permission changes after app/module installs
- monitor failed logins and role changes
- monitor critical document events (journal entries, approvals)
- test backup/restore for DB and private files
- run periodic permission recertification
- ERPNext Docs: Users and Permissions: https://docs.frappe.io/erpnext/user/manual/en/users-and-permissions
- ERPNext Docs: Role Based Permissions: https://docs.frappe.io/erpnext/user/manual/en/permissions
- ERPNext Docs: User Permissions: https://docs.frappe.io/erpnext/user/manual/en/user-permissions
- Frappe Docs: Password Policy and Login Attempts: https://docs.frappe.io/framework/v14/user/en/basics/users-and-permissions