Limit access of event managers to just the event tab. Event Managers have full access to financial, contacts, ond account information. As owner of the business the volunteer event managers have too much private financial information and total access to my contact lists I have spent years developing.

Our organization also has each event run by a different Chairperson. I can only give them view-only access, but that means if there is are mistakes in a registration, I have to fix every one myself and cannot delegate to the appropriate chair. Being able to control what kind of access a person gets for a specific event is extremely important!

Why are the Admin setting SO limiting. We have to grant full access to ALL of our managers/ leaders just so they can see their event, check attendees in and be able to email those who are registered. This has caused Huge problems. Need more levels of Admin access to limit, customize based on either events or tags or other!

This is a serious issue. I can't see any logic in enabling an event manager to "edit" Contact info. Surely this can be turned off without impacting functionality. I realise the option exists to import guest registrant info into Contacts but it should be up to an administrator or Membership Manager to edit and clean this stuff, not the event organiser. Event managers do need to be able to receipt invoices for cash or check payments so some access to invoices is necessary to perform the role.

Please address this glaring issue.

This is very disappointing to discover after we purchased a license. We'll be meeting to discuss requesting a refund and looking elsewhere. I can't believe this has been around for 5 years and not addressed.

Admin roles like the event manager should be limited from accessing and making changes to invoices/payments and member profile data

This might be one of the most serious flaws in the Wild Apricot system and it seems that it has been around for a long time. The developers seem to not take this flaw seriously and as far as I can tell they have done nothing about it. This is strange since the solution of making a subset of the Events Admin designation with limited rights seems to be an easy fix. Does anyone know of a competitor MMS that does have this capability?

I agree with this need as all the members of a HOA should all be empowered to create events in their association. To limit it to just one person is illogical and to give everyone the much too powerful capabilities attached to the "Event Manager" designation is malpractice. As it is now the Events functionality of the website is unusable for my purpose. There have been a few work arounds published by frustrated users in the attempt to make this function work:
1. Embed a Google calendar in the website and lose the Wild Apricot gadget. Members can add events which can then be sent to the admin for a manual entry.
2. Subscribe to the Teamup shared calendar and embed it in the website. It also must inform the admin to do a manual event entry.
Of course at a certain point when you find that you have to replace Wild Apricots functionality with other apps to make the site work you will eventually come to the conclusion that replacing the whole website and moving to another host is the better solution.

Totally agree with the comments here. There should be an event admin role who is assigned an event(s) and has limited access/capability

As a club, we have admins who set up events and manage WA. However, each event is run by an activity leader who is not necessarily an admin. We would like to enable the activity leader to be an "admin" to manage their event, but not have access to other events. In particular, the ability to see the registrations; manage the waitlist; send emails to registrants; use the admin app to record attendance / check in attendees, etc.

I agree with the comments I'm seeing. I've had to go to paper check-ins at the registration table because event admins have access to the full database of sensitive member information. Feel like I'm going backwards!!

We would love to see this too. Event Admins have way too much access to financial records. Agree that access needs to be restricted to prevent everyone with event access from doing these tasks which should be handled only by someone with a higher level of event access.

Add/modify invoices
Record/modify payments
Settle/unsettle payment
Add/modify refunds

This request/idea has been known to Wild Apricot for four years. Why is nothing happening?

The ability of event admins to have access to financial records and access to data base of members is a huge hole in the system. I is the main reason we kept our PayPal instead of using Wild Apricot. We have 5000 members and hold 500 events. We have 30 event admins with too much access. The big reason the need access is to know who the participants are and if they have paid. I see comments here 5 years old. This is a huge security problem and I think it should have more importance attached.

Any Update on this? We need to have multiple individuals checking members into events but not have full access as Event Admin. It really seems like there is never any movement on security related issues. This may become a deal breaker very soon due to privacy and security.

I don't want my event managers to view finances and have anything to do with invoices. My website is set up so that all payments are made online in order for someone to register for an event and become a member. My event managers don't need to deal with any finances.

I only want my event manager adding new events, modifying/duplicating existing ones, adding/modifying/canceling registrants, managing waitlists, and emailing members or event registrants (creating their own customized event emails, announcements etc). The finances side should have the option of hiding details from the event manager admins.

A limited "events coordinator" role could be useful. The role would be a scaled down version of the event manager. These features available to a full events manager would be eliminated from an event coordinator capabilities:

View contacts list
View contact details
Add new contact
Modify contact details
Run saved searches
Export contacts

These financial roles would also be eliminated for an event coordinator:

Add/modify invoices
Record/modify payments
Settle/unsettle payment
Add/modify refunds

I just joined an organization and became an event manager. My mind was boggled by the access that I was granted. To be able to access all personal information (name, address, phone number) for all members is just not acceptable. It flouts every information security rule in the book. In order to get around this deficiency, we now have to have a tight group of event admins that respond to emails from event conveners because we can't grant them admin access without opening ourselves up to breaches of personal information. How do you get away with this?

Event Manager Administrator Role profile should have varying levels of permission. If levels are not available, an Account Administrator should be able to restrict access of an EVENT MANAGER administrator to specific events or limit to check-in only. Our events often involve a lot of volunteers that work check-in They don;t need access to create/manage ALL events. That is kinda scary:-)

I hope there is somewhere a request under this subject to restrict Event Managers to their own event AND not allow them to touch the financials. Currently, an Event Manager has the same powers as our Treasurer - (who has to be a Donations Manager ???) which is extremely annoying to our Treasurer and potentially open to the Event Manager perpetrating fraud.