CPQ User Management
How to add CPQ users, assign rights, and check who can do what — all from Good Sign Billing.
Audience: Good Sign admin users managing CPQ access for their organisation. Scope: how to add CPQ users, assign the right access, and verify that access works. All user management for CPQ lives in Good Sign Billing; rights assigned in Billing carry over to the CPQ client automatically. See also: the dedicated User & Login Management and User Rights & User Right Profiles guides for the underlying Billing-side workflows. This document focuses on the CPQ-specific layer on top of them.
1. Where CPQ user management lives
There is no separate CPQ user database. Users, login credentials, user rights, and user right profiles are all managed in Good Sign Billing (Settings → Users). When you assign a user the CPQ-related rights in Billing, the user gains access to the corresponding CPQ functionality immediately — the CPQ client uses the same authentication and the same rights.
This means:
-
A single user identity covers both Billing and CPQ.
-
Admins maintain one rights setup, not two.
-
Changes to a user’s rights take effect across both interfaces.
2. Typical CPQ user groups
The CPQ tool is used by a mix of roles. The grouping below is the typical pattern — not a fixed system definition. Actual rights bundles are environment-specific (see §4) and admins are free to design narrower or broader roles.
| Typical role | What they do | Typical access |
|---|---|---|
| CPQ Admin | Builds and maintains forms, templates, master settings, and assigns access to others | Full CPQ admin rights (forms, templates, admin settings) — see §5 |
| Salesperson | Uses CPQ to create quotes for customers from existing forms | CPQ client access only — see §6 |
| Other users | Customer success, account managers, anyone who needs to generate a quote occasionally | Same as salespeople; CPQ client access only |
These are descriptive groupings, not technical roles inside Good Sign. Environments commonly turn them into user-rights profiles like CPQ Admin or CPQ Client — but profile names and contents vary, so always verify the profiles in your environment (see §4).
3. Adding and removing users
Adding a CPQ user is the same process as adding any other Good Sign user — there is no CPQ-specific user creation step. In short:
-
Go to Settings → Users in Billing.
-
Select the user’s organisation in the tree on the left.
-
Right-click in the user list and choose + Add User.
-
Fill in the user details and save.
-
Use Manage Login (also in the right-click menu) to set up login credentials. Creating the user record and creating the login are two separate steps — both are required before the user can sign in.
For the full step-by-step, including delete and edit flows, see the dedicated User & Login Management guide.
Note: Always verify a user does not already exist for the same person before creating a new one. Duplicate users can cause confusion later, especially around quote history and assigned rights.
4. Managing user rights and profiles
Two ways to grant rights in Good Sign Billing:
-
Individually, by assigning specific rights to a single user
-
By profile, by assigning a predefined bundle (user rights profile) to a user
Both can be combined — most real users have a profile plus a few additional rights on top.
User rights and rights profiles are environment-specific and configured by system administrators. Names and contents of profiles vary between environments depending on customer needs and setup. Profiles often used in CPQ contexts include names like CPQ Admin, CPQ Admin with API, CPQ Admin with API / Products / Prices, and CPQ Client — but these are examples, not system-defined defaults. Verify the actual profiles in your environment.
For the full step-by-step on managing rights and profiles, see the dedicated User Rights & User Right Profiles guide.
5. Key visibility rights for CPQ admin access
A CPQ admin typically needs the menu-level visibility rights that gate the CPQ admin pages in Billing. In standard configurations these are:
| Right ID | Name | Gates |
|---|---|---|
| 3270 | Menu - CPQ Forms | The CPQ → Forms list page |
| 3271 | Menu - CPQ Quote Create Form | The + Create Form button on the Forms page |
| 3275 | Menu - CPQ Admin settings | The CPQ admin settings area |
| 3280 | Menu - CPQ Templates | The CPQ → Templates list page (added in Release 2026_2) |
| 3281 | Menu - CPQ Create Template | The + Create Template button on the Templates page (added in Release 2026_2) |
These are the typical visibility gates — they get the admin into the right pages. Further rights inside the workflows (editing, activating, deleting) may be required depending on what the admin needs to do, and may vary by environment.
Not exhaustive. Use this as a starting point, not a closed list. Add or remove menu-level rights based on what the admin should see in their environment.
6. Typical rights for salespeople and CPQ client users
A salesperson does not need any of the admin menu rights above. They need just enough to authenticate and use the CPQ client:
| Right ID | Name | Notes |
|---|---|---|
| 6001 | Public API | Allows API usage (required for the CPQ client to authenticate against Good Sign) |
| 6090 | GS API - CPQ | Grants access to GS API CPQ actions on behalf of the user |
In addition, the salesperson must have access to the organisation the customer belongs to (a Home organization assignment or equivalent in your environment).
Form-level visibility. Beyond these baseline rights, each form has its own Permission tab setting on activation that gates which user right is needed to see that form in the CPQ client (see the CPQ Forms admin guide). A user who has the baseline access above but lacks the form-specific user right will sign in but won’t see the form. That’s a feature, not a bug — it lets admins limit which sales segments see which offering.
7. Checking access for a specific user
When a salesperson says “I can’t see the new form” or an admin says “I can’t see the Templates page”, check their rights directly:
-
Go to Settings → Users in Billing.
-
Select the user’s organisation in the tree on the left; users appear on the right.
-
Right-click the user and choose User Rights (to see individual rights) or User Right Profiles (to see which profile bundles are assigned).
-
In the User Rights dialog, set the Organization filter to the organisation in question (typically the user’s home org, or Root for global rights).
-
Use the Right filter at the top to narrow the list — start typing CPQ to see all CPQ-related rights matching the user’s assignments.
If the user is missing a right you expect, either assign it directly or update the profile that should have included it.
8. API access
CPQ API access is governed by the same Billing user rights described above. There is no separate CPQ API user setup. In practice:
-
Only authenticated Good Sign users can call CPQ APIs — the user’s Billing identity is the API identity.
-
The user’s assigned rights determine what they can do via API. An admin with
Menu - CPQ Templates(3280) and a salesperson with only baseline rights (6001 / 6090) get different API surface areas. -
Authentication for API requests follows the same scheme as the CPQ client.
9. Quick reference
| Task | Path / Click |
|---|---|
| Add a new user | Settings → Users → right-click in user list → + Add User |
| Set up login for an existing user | Right-click user → Manage Login |
| Edit user details | Right-click user → Edit User |
| Delete a user | Right-click user → Delete User |
| See an individual user's rights | Right-click user → User Rights |
| See an individual user's assigned profiles | Right-click user → User Right Profiles |
| Filter a user's rights to CPQ only | Open User Rights → type CPQ in the Right filter |
| Check the typical admin gate | Look for rights 3270 / 3275 / 3280 |
| Check the typical salesperson baseline | Look for 6001 (Public API) and 6090 (GS API - CPQ) |
| Add a user to a profile | Use the User Rights & User Right Profiles workflow in Billing |