As of November 4, 2025, the B2B Suite now features a new permission-based access control (ACL Access Control List). This update improves the security and management of users and purchasing organizations, ensuring that only authorized roles can view or edit store information.

With the new model, access to buyer organizations, cost centers, and users in the VTEX Admin now depends on specific permissions.

Previously, any user with access to the VTEX Admin could view and edit purchasing organization information.

Now, with the new Access Control List (ACL), only users with the required Licence Manager permissions can perform these actions.

The available permissions are:

• buyer_organization_view: Allows viewing organizations, cost centers, and users.
• buyer_organization_edit: Allows creating, editing, and deleting organizations, cost centers, and users.

Both permissions can be configured in Buyer Organizations > Management when editing User Roles in the VTEX Admin.

To enable the new access control, update the B2B Suite apps to a compatible version.

For more information, see the Enabling an access control list (ACL) in B2B Suite documentation.