|
|
(2 intermediate revisions by the same user not shown) |
Line 1: |
Line 1: |
− | The Staff Management menu contains three sections: '''Administrator Users''', '''Administrator Roles''', and '''Two Factor Authentication'''. These allow for control over access to the WHMCS admin area. You can create new staff members on the '''Administrator Users''' page, set their permissions on the '''Administrator Roles''' page, and enhance login security by configuring '''Two Factor Authentication'''.
| + | WHMCS allows you to create admins who can access and use the [[Admin Area]]. These users are separate from the clients that access the Client Area. You can create individual accounts for each admin and use detailed controls to set what they're able to view and do for each area of functionality. |
| | | |
− | ==Managing Administrators== | + | ==Administrator Users== |
| | | |
− | To set up additional admins, go to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > Manage Admins > Administrator Users'''. From here, you can view and edit existing operators as well as adding new ones. When editing an operator you can change all the details of the operator, including resetting their password. It also allows you to see any notes they have made for themselves.
| + | You can create and manage admins, including assigning administrator roles and support departments, at '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > [[Administrator Users]]''' or, prior to WHMCS 8.0, '''Setup > Staff Management > Administrator Users'''. |
| | | |
− | Admin usernames should use the following format:
| + | For more information, see [[Administrator Users]]. |
− | * Begin with a letter [<tt>A–Z</tt>, <tt>a–z</tt>]
| |
− | * Alphanumeric characters only.
| |
− | * No blank spaces.
| |
− | | |
− | ===Assigning to Support Departments===
| |
− | | |
− | To assign an admin to a support department, perform the following steps:
| |
− | | |
− | #Go to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > Manage Admins > Administrator Users'''.
| |
− | #Click the edit icon next to the administrator you would like to assign to a department.
| |
− | #About halfway down the page, you will see a list of all the support departments in the system. Check the boxes next to the ones you want this admin account to be a member of.
| |
− | #Click '''Save Changes'''.
| |
− | | |
− | After you assign an admin account to a department, the user will be able to view and respond to tickets in that department.
| |
− | | |
− | <div class="docs-alert-info">
| |
− | Please note that if the admin is assigned to a role that has "Access All Tickets Directly" enabled, they will be able to access tickets that are not in their assigned department(s) if they have a direct link.
| |
− | </div>
| |
| | | |
| ==Managing Administrator Roles== | | ==Managing Administrator Roles== |
| | | |
− | The administrator roles allow you to fine tune exactly what each of your admin users can do within your WHMCS administration area. You can set up as many different role groups as you want and then assign your admins to them as you need to. WHMCS comes with three default roles: Full, Sales, and Support Only. | + | The administrator roles allow you to fine tune exactly what each of your admin users can do within your WHMCS administration area. You can set up administrator roles under '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > [[Administrator Roles]]''' or, prior to WHMCS 8.0, '''Setup > Staff Management > Administrator Roles'''. |
− | | |
− | ===Information on Role Group Permissions===
| |
− | | |
− | One of the most important features of the admin area is being able to control what particular admins are able to access and manage. For example, you may want to give support operators less access to make changes than the business owner. WHMCS uses administrator roles to implement this. You can set up administrator roles under '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > Manage Admins > Administrator Roles'''.
| |
− | | |
− | For these settings:
| |
− | | |
− | #Those whose names start with '''Manage''' allow you to manage an item.
| |
− | #Those whose names start with '''View''' allow you to view an item.
| |
− | #Those whose names start with '''Create''' allow you to create a new mentioned item.
| |
− | #Those whose names start with '''Configure''' are generally for settings under the Setup menu. Disable them unless you want admins in that role to be able to change the mentioned sections.
| |
− | | |
− | Many of the '''Create''' permissions require the related '''Manage''' permission, so if you get ''Access Denied'' errors when you have the '''Create''' permission set, add the '''Manage''' permission and it should resolve this. For example, errors will occur for '''Create Invoice''' if you don't also enable '''Manage Invoices'''.
| |
− | | |
− | For all of your admin roles, you should enable, at least, '''Support Center Overview''' or '''Main Homepage'''. This allows the admin to see the support center overview or admin summary pages after logging in.
| |
− | | |
− | For an admin user that will be working with clients and tickets, you will likely want to give them any '''Manage''' or '''View''' permissions for tickets, domains, and client products. If they will be processing client orders or creating new services for clients, give the applicable '''Create''' and '''Manage''' permissions as well.
| |
− | | |
− | Alternatively, if you are having someone provide remote support and you only want them to be able to view items, but make no changes, you can give them the desired view permissions only.
| |
− | | |
− | Ultimately, you can configure the permissions to be as open or restricted as you need, based on your requirements.
| |
− | | |
− | ===Setting Role Group Permissions===
| |
− | | |
− | To set role group permissions:
| |
− | | |
− | #Navigate to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > Staff Management > Administrator Roles'''.
| |
− | #If you want to set up a new role group, click the '''Add New Role Group''' link and enter a name for it. To edit the permissions on existing group, click the edit icon next to it. A complete list of the permissions settings for the group you're creating will appear.
| |
− | # Configure the displayed options. The system provides options for each admin area page and individual controls like whether the admins can edit values.You can also set the email receiving preferences: system emails, account emails, and support emails.
| |
− | #Click Save.
| |
− | | |
− | ===Assign an Admin to a Role===
| |
− | | |
− | To assign an admin to a role:
| |
− | | |
− | #Navigate to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > Staff Management > Administrator Users'''.
| |
− | #Click the edit icon next to the admin you want to change.
| |
− | #In the '''Role Group''' menu, choose the role you want to assign the admin to.
| |
− | #Click save. The change will take effect immediately.
| |
− | | |
− | ==Common Role Configurations==
| |
− | | |
− | ===Limiting access to a specific installed addon===
| |
− | This is commonly required for allowing third party developers limited access to the WHMCS admin area in order to debug an issue with an installed addon module. For addon modules, the '''Addon Modules''' permission will need to be enabled and then the '''Access Control''' setting on the applicable addon will need to be edited under '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > Addon Modules''' to give their admin user access to the addon under the Addons menu (if applicable).
| |
− | | |
− | Depending on how the addon operates, it may be necessary to enable additional permissions as well (at discretion). For example: if an addon adds a "Support PIN" number on the client summary page, enabling the '''View Clients Summary''' permission may be necessary for the developer to be able to access a test client and verify it is working as expected.
| |
− | | |
− | ===Debugging provisioning modules===
| |
− | For debugging provisioning modules, it may be helpful to enable the '''Configure Servers''', '''View Clients Products/Services''', '''View Module Debug Log''', and '''Perform Module Command Operations''' permissions so that the developer is able to ensure the underlying module is correctly configured, test with a test service and obtain any module log data (if their module supports it). Further permissions, such as the ability to edit services with '''Edit Clients Products/Services''', are generally not recommended and should only be considered on a case-by-case basis.
| |
− | | |
− | ==Managing Two Factor Authentication==
| |
− | Two-factor authentication adds an additional layer of security by introducing a second step to the login process. It takes something you know (for example, your password), and adds a second factor, typically something you physically have (such as your phone). Since the system will require both to log in, if an attacker obtains your password, two-factor authentication would stop them from accessing your account.
| |
| | | |
− | You can apply Two-Factor Authentication to staff, clients, or both. Instructions for configuring Two-Factor Authentication are on the [[Security_Modules#Configuration|Security Modules page]].
| + | For more information, see [[Administrator Roles]]. |
You can create and manage admins, including assigning administrator roles and support departments, at Configuration () > System Settings > Administrator Users or, prior to WHMCS 8.0, Setup > Staff Management > Administrator Users.
The administrator roles allow you to fine tune exactly what each of your admin users can do within your WHMCS administration area. You can set up administrator roles under Configuration () > System Settings > Administrator Roles or, prior to WHMCS 8.0, Setup > Staff Management > Administrator Roles.