Grant or Remove Toast Web Access for Existing Employees

Last updated: May 11, 2026, 11:04 AM

If an employee can't log in to Toast Web or the POS with their email address, follow these steps to grant them access.

In this Article:

 

Before You Begin

Applies to: Toast Web

 

Permissions needed:

  • 4.9 Employee Info—required to edit employee profile information and send invites
  • 4.10 Employee Jobs & Wages—required to change permissions when removing access
  • 8.2 User Permissions—required to change permissions, plus you must already hold every permission you are trying to add or remove. For details, see Get Help With User Permissions for Toast POS.

 

What you'll accomplish: Send a back-end account invite to an existing employee so they can log in to Toast Web, or strip an existing employee's Toast Web access by removing back-end permissions.

 

Toast Web access (back-end login at toasttab.com) is separate from POS access. Most hourly staff only need a POS access code to clock in and use the POS—they do not need Toast Web access. Grant Toast Web access only to managers, owners, accountants, bookkeepers, or anyone who needs to view reports, edit menus, or change settings. For an overview of all available permissions, see Permissions Reference Guide.

 

Back to top

 

Grant Toast Web Access to an Existing Employee

To send a back-end account invite to a user who already has an employee profile:

  1. In Toast Web, navigate to the Employees list by going to Employees > Employee management > Employees, and locate the employee you want to grant access to.
  2. Hover over the employee's row to view their email address. Verify that this is a real email address that the employee has access to.
  3. If the email address is invalid or incorrect, select the employee's last name hyperlink, navigate to the Profile tab, update the email, and select Save.
  4. From the Actions column, select the three dots (overflow menu), then select Invite to create account.
  5. Select Confirm to send the invite.

 

Expected outcome: The employee's status changes to Invited. Once they accept the invite from their email and create a password, the status changes to Active, and they can log in to Toast Web at toasttab.com. Depending on their permissions and your restaurant's setup, they can also access Toast Now, the MyToast app, or Toast Tables.

 

Note: An invited user's profile can be edited by an administrator or owner—including their email and phone number—before the invited user has activated their account.

 

Back to top

 

Cancel an Invitation Sent by Mistake

If you invited an employee by mistake, or they do not need a back-end account on Toast:

  1. In Toast Web > Employees > Employee management > Employees, locate the employee.
  2. Select Archive in the Actions column to cancel the invite. The employee will still receive the invite email, but will not be able to accept it or create a password.

 

To restore the employee's profile (so they can clock in again), a new profile will need to be created.

 

For a related scenario where you need to remove the Invited status without archiving—for example, when an employee can no longer receive the email—see Remove the Invited Status on an Employee Profile.

 

Back to top

 

Grant Toast Web Access to a Non-Employee

This same process is used to grant Toast Web access to a non-employee, such as an accountant or bookkeeper. Set up an employee profile with a corresponding email address, then follow the steps above.

 

When assigning permissions, only grant the specific permissions the non-employee needs. Be especially careful with admin-level permissions and POS access.

 

If you also use Toast Payroll, do not add an accountant or bookkeeper as a regular employee in Toast Web—this can cause invoicing and tax reporting issues. Instead, follow the dedicated process in Toast Payroll: Give Access to a Non-Employee.

 

Back to top

 

Employee Account Activation for Toast Web

Once you invite an employee to create a Toast Web account, they must open the invitation sent to their email and follow the instructions to activate their account.

 

Employees with Invited status can clock in and use a Toast POS device with their POS access code as usual. Their Toast Web (back-end) account becomes active only after they accept the invitation and create a password.

 

Back to top

 

Resend an Invitation

Invitations expire after seven days. To resend:

  1. In Toast Web > Employees > Employee management > Employees, locate the employee.
  2. Hover over the Invited status or the Expired status next to their name.
  3. Select Resend invitation in the pop-up.

 

Expected outcome: A new invitation email is sent. The expiration timer resets to seven days from the resend.

 

Use this same process if the employee's email address was incorrect when the original invitation was sent, and you have since updated it on their Profile tab.

 

Back to top

 

When the Invitation Email Doesn't Arrive

If an employee doesn't see their invitation email, try these steps in order:

  1. Have the employee check the spam or junk folder of their email account.
  2. Verify the spelling of the email address you entered in Toast Web. Update it on the Profile tab if needed, then resend the invitation.
  3. Archive the employee, then re-add their profile and send a new invitation. For full archive and restore steps, see Add and Manage Employees in Toast Web.
  4. If you see a 550-series error, the receiving email provider is rejecting the email. Check with the employee's email provider, then resend.

 

If the email still does not arrive after these steps, see Get Help With Managing Employee Email Addresses or proceed to Before You Contact Customer Care.

 

Back to top

 

Remove Toast Web Access from an Existing Employee

To strip Toast Web (back-end) access from an existing employee while leaving their POS access intact:

  1. In Toast Web > Employees > Employee management > Employees, locate the employee and select the pencil icon in the Actions column to edit their profile.
  2. Select the Jobs and Permissions tab.
  3. Scroll down to the Permissions section.
  4. Toggle the slider to Override, then deselect every permission in the 4 Restaurant Admin and 6 Web Setup sections. These are the sections that grant Toast Web access. You may keep selections in 3 Manager or 5 Quick Edit Access if the employee still needs those POS-side capabilities. Please note: Employees will still be able to log into Toast Web, but information will be restricted.
  5. Leave permissions in 1 POS Access and 2 Delivery Access unchanged so the employee can still clock in and use the POS.
  6. Select Save.

 

Expected outcome: The employee can no longer access Toast Web functions tied to 4 Restaurant Admin or 6 Web Setup, but their POS access code continues to work for clock-in and POS tasks. The employee should log out and log back in for changes to take effect on the POS.

 

An employee's effective access is the combination of permissions inherited from their assigned Job plus any individual overrides. The Override toggle bypasses job-level defaults so you can grant or remove access for one employee without changing their job. For full guidance on permission editing, see Assign User Access Permissions.

 

If you do not see the Override toggle, you do not have all of the permissions you are trying to remove. You must hold every permission you are trying to change, plus 8.2 User Permissions. Have an admin or owner who holds the missing permissions make the change, or grant the missing permissions to your own profile first. See Get Help With User Permissions for Toast POS.

 

To remove all Toast access for a departing employee—POS included—archive their profile instead. For steps, see the Archive (Delete) an Employee in Toast Web section of Add and Manage Employees in Toast Web.

 

Back to top

 

Frequently Asked Questions

Why is Invite to Create Account grayed out?

Invite to create account is grayed out for one of two reasons. First, Toast may not recognize the employee's email address as valid—double-check the spelling and format on the Profile tab. Second, the employee may have already been invited but has not accepted yet—in that case, hover over the Invited or Expired status and select Resend invitation instead. For a specific format error, see Get Help With Toast Web Error: Invalid Email.

 

How do I resend an invite to an employee?

See the Resend an Invitation section above for the full procedure.

 

How do I change an employee from Expired to Active?

Resend their invitation—see the Resend an Invitation section above for the full procedure.

 

Why does the email say "Invalid or in Use"?

The error "This email address is invalid or currently in use with another Toast account" appears when an employee tries to edit their own email address on their My Account page, and the email is already attached to another Toast profile (often from a previous job at a different Toast restaurant). To fix this, someone else at the employee's business will need to add them as a new employee with the updated email address on file. If the email belongs to the same person at a previous restaurant, see Before You Contact Customer Care—releasing the email from the prior account requires Customer Care.

 

How do I give my accountant or bookkeeper access?

To give an accountant or bookkeeper access to Toast Web, follow the Grant Toast Web Access to a Non-Employee section above. If you also use Toast Payroll, follow the dedicated process in Toast Payroll: Give Access to a Non-Employee instead—adding non-employees as regular employees in Toast Payroll causes invoicing and tax reporting issues.

 

Back to top

 

Before You Contact Customer Care

If you have worked through the steps above and the issue persists, gather this information before contacting Customer Care. The following scenarios typically require account-level intervention that cannot be resolved by self-service:

  • The invitation email is not arriving after resending, checking spam, verifying the email address, archiving and re-adding the profile, and confirming with the employee's email provider that no 550-series rejection occurred
  • Email address is already in use with another Toast account at a different restaurant and needs to be released
  • Employee profile is stuck in a "creating account" state and cannot be archived or reinvited

 

Have the following ready:

  • Employee name and email address (as entered in Toast Web)
  • Restaurant name and location
  • The exact error message you are seeing, if any
  • Steps you have already tried from this article

 

Back to top

 

Related Articles

 

Back to top