POS security is the company-wide knobs that make the register a little stricter — sign out after X minutes, require a reason when a sale gets voided, require a customer on every sale — plus how linked returns behave when a cashier rings a negative line. It's a short page; most of the granular "who can do what" lives on the staff record, not here.
In the Admin mode, open Security in the left sidebar. It's a single page with two sections: POS settings and Linked returns.
The top section, POS settings, has one numeric input and four toggles. Each is company-wide — flipping one affects every location and every cashier.
Inactivity timeout — how long a Rundoo tab can sit idle before the staff member gets signed out. Value is in minutes; tune it for how your counter runs (a busy paint desk that steps away to mix wants a longer window than a single-terminal hardware counter that should auto-lock fast). Click the field, type a new number, and hit Save — Cancel backs out without applying.
Automatically sign out after completing sale — when on, Rundoo signs the staff member out at the end of each sale. Use this at shared terminals where the next cashier should re-ID before ringing. Leave it off if one cashier runs a register for their whole shift.
<aside> ⚠️
Flipping this toggle off doesn't reach cashiers who are already signed in — their POS tab keeps auto-signing-out after each sale until they hard-refresh the page (or sign out and back in once). Plan for a quick Cmd+R / Ctrl+R on every active register after you change the setting, so the next sale picks up the new value.
</aside>
Require all guest sales and returns to have an internal note (customer level settings override this) — when on, a guest (no-customer) sale or return can't complete until the cashier types something into the Internal notes field. Good for stores that want a reason-code trail on cash-and-carry walk-ins. Per-customer overrides on the customer record can loosen this for specific accounts.Require reasons to void transaction — when on, clicking Void on a sale or draft pops a confirmation modal instead of voiding silently. See the section below for how that surfaces at the counter.Require all sales and returns to have a customer attached — when on, Sale and any return action stay disabled until a customer is attached to the cart. Hard-closes the door on guest sales. Most stores leave this off (walk-ins are real); charge-account-only businesses turn it on.Below these, the Linked returns section controls how Rundoo handles negative lines — see How linked returns behave below.
POS security is company-wide; staff permissions are per-person. They stack rather than replace each other.
A cashier can void a sale only if:
Require reasons to void transaction is on company-wide, they click through the confirmation modal at the register.