Overview

Every Ananas GDS account is created by one person — the account owner . The owner can invite additional team members, called authorized users (also referred to as sub-users). Each authorized user signs in with their own email and password but works inside the owner's account: they share the owner's company profile, subscription, and notification inbox.

The owner stays in full control through three layers:

Layer What it controls
Role A job label (e.g. Reservations, Sales) used to organise your team. It does not grant or block anything by itself.
Module permissions Per-module on/off switches. A module the user lacks permission for is hidden from their sidebar and blocked if they try to open it.
Data scope Which data the user can see inside the permitted modules: specific properties for accommodation accounts, specific countries for tour operator / travel agent accounts.

The account owner always has full access to everything — permissions only apply to authorized users. Only the owner can create, edit, or remove authorized users.

Where to Find It

In the app sidebar, open Roles & Permissions → Authorized User . The page lists your team with their name, email, account type, and activation status, and shows your current usage against your plan's authorized-user limit.

Plan Limits

The number of authorized users you can add depends on your subscription plan. The usage chip on the Authorized Users page shows how many slots you have used (for example 2 of 5 used ; higher tiers can be unlimited). When the limit is reached, the Add User button is disabled until you remove a user or upgrade your plan.

Creating an Authorized User

1
Go to Roles & Permissions → Authorized User and click Add User .
2
Fill in the user's details: first and last name, email, phone, location, job title, and an initial password.
3
The new user appears in the list as Not Activated until they confirm their account; after activation the status switches to Activated .
4
Open the user with Edit to assign a role, tick the module permissions they need, and set their property or country scope (see below).

Roles

Each authorized user can be given one role. The role is a descriptive label for organising your team — access is controlled by the permission switches, not the role. The available roles depend on your account type:

Account Type Roles
Accommodation General Manager, Reservations, Front Office, Public Relations, IT Specialist, Finance & Accounting
Tour Operator / Travel Agent Sales, Operations, Finance, Finance & Accounting

Module Permissions

Permissions are per-user switches, and the set offered depends on the account type. Each switch gates its module in two places at once: the sidebar entry is hidden, and the pages are blocked, for any authorized user who lacks it.

Accommodation Accounts

Permission Allows the user to
Manage Properties Create, edit, and delete properties.
Manage Fact Sheet details Edit fact sheet content.
Manage Property Photos / Gallery Upload and manage photos.
Manage Stop Sale / Availability Charts Create and edit stop sale events and availability.
Manage Company Settings & Profile Edit company details, logo, and company-level settings.
Manage Mailing / Contacts List Manage contacts and mailing lists.
Manage Partner Connections & Contracts Send and manage partner contracts and use the partner market.
Access Invoicing Module Use the invoicing module.
Access Rooming Lists Use the rooming lists module.
Allowed Exporting / Sending Files Export data, send mails, and download files.
Manage Developer Tools, System Integrations, APIs Manage API tokens, widgets, integrations, and webhooks.
Manage Payment & Billing View and manage the subscription, payment, and billing pages.

Tour Operator / Travel Agent Accounts

Permission Allows the user to
Manage Partner Products & Content Edit across mapping, room mapping, fact sheet overrides, and partner photos. Viewing partner data is available without this switch; editing is further limited by the user's country scope.
Manage Partner Connections / Market Send and manage partner contracts and use the partner market.
Access Invoicing Module Use the invoicing module.
Access Rooming Lists Use the rooming lists module.
Export / Download Data Export and download data and files.
View Finance & Accounting Reports View finance and accounting reports.
Manage Company Settings & Profile Edit company details, logo, and company-level settings.
Manage Payment & Billing View and manage the subscription, payment, and billing pages.

Billing requires Company Settings

The Payment & Billing pages live inside Company Settings, so granting Manage Payment & Billing automatically enables Manage Company Settings & Profile as well. The form marks the dependency for you.

Data Scoping

Beyond module permissions, each authorized user can be limited to a slice of your data. The scope panel on the user's edit page depends on your account type:

Account Type Scope How it works
Accommodation Property Access Tick the properties from your portfolio the user may work with. A sub-user managing one hotel in a chain will not see the other properties unless granted access.
Tour Operator / Travel Agent Country Access Select the countries the user may work with. Their access to connected partner properties is limited to those destinations.

Leaving the scope empty means no restriction — the user sees all your properties (accommodation) or all connected partner countries (tour operator), and only the module permissions apply.

Sessions & Notifications

Authorized users have their own independent login sessions — session limits apply per user, not per account. Notifications are shared: authorized users see the account's notification inbox, so the whole team works from the same partner updates.

API Endpoints

Method Path Description
GET /api/auth/authorized-users/ List all authorized users.
GET /api/auth/authorized-users/quota/ Get the plan limit and current usage.
POST /api/auth/authorized-users/create/ Create a new authorized user.
GET /api/auth/authorized-users/{id}/ Get an authorized user's profile.
PATCH /api/auth/authorized-users/{id}/update/ Update an authorized user's profile.
DELETE /api/auth/authorized-users/{id}/delete/ Remove an authorized user.
GET /api/auth/authorized-users/{id}/permissions/ Get the user's role, permission flags, and data scope.
POST /api/auth/permissions/create/ Create the permissions record for a user.
PUT /api/auth/permissions/update/{user_id}/ Update permission flags and data scope.