Admin Users
person person
System Administrators and Member Administrators
This section is used to set up and manage administrative users. A pre-defined access level group assigned to the username determines the access level of each administrative user. A read only option is available for each access level group to provide access to the appropriate sections for support roles that are not required to add records, edit details or upload files.
When the Issuer system is first installed, it creates the main administrative user, named administrator, by default. The administrator user has the highest level of access throughout the issuer system and can create other users that have restricted access rights, are restricted to certain tasks or are have limited access to a certain issuer.
The access level groups are:
System administrator
This is the highest level of access in the system with access to system options, issuer management, user management, cardholder management, transactions, reporting and audit log.
Issuer administrator
This level provides access to issuer configuration options, cardholder management, transactions, reporting and audit log.
IT security administrator
This level provides dedicated access to the Audit Log, for an issuer or issuer group
Member administrator
This level provides dedicated access to the Admins section (administration user management), for an issuer or issuer group
Business administrator
The business level of access to the system provides access to cardholder management, transactions, reporting and audit log.
Helpdesk
The helpdesk user can access cardholder management and transactions.
Note
If the issuer has access to business rules functionality, Business admin and / or Helpdesk users can be granted access to the Rules section, refer to Section 3.1.3.4 - Issuer Details for further information.
The ActiveAccess issuer system is designed for simultaneous use by multiple issuers, with each access level being able to be restricted to a certain issuer or a group of issuers. This provides the flexibility of allowing a third party to manage multiple issuers on their behalf as well as allowing each issuer to manage their own system without having access or interfering with other issuers.
Normally when a new issuer signs up with the system, the system administrator creates a new issuer and a new issuer administrator. The issuer administrator can then create business administrator and helpdesk users as appropriate for their requirements.
Admins has the following menu options:
Find Admin for maintaining administrative users and their details
New Admin for adding new administrative users
Find Admin¶
This page allows you to search for an administrative user based on Status, Group, Username, Full name, Issuer or Issuer group.
Admins > Find Admin
Use the following fields to search for an Admin user:
You can leave all fields at default or blank to display a list of all admin users.
Select a Status or All from the drop down list. You can search for enabled or disabled administrative users or both.
Select a Group or All from the drop down list. Depending on your access level you may be able to search for System Admin, Issuer Admin, IT Security, Member Admin, Business Admin or Helpdesk users.
Enter all or part of the administrator's Username.
Enter all or part of the administrator's Full name.
Select an Issuer or All from the drop down list.
Select an Issuer Group or All from the drop down list.
Search button to display results
The Search Result page will be displayed.
Admin Search Results¶
Admins > Find Admin > Search Results
Administrative users are listed according to the search criteria you entered on the Find Admin page. You can select any administrative user and delete, enable or disable them.
Note
The main system administrator (administrator) is not displayed in the search results and cannot be disabled or removed.
You can also browse to the admin details page by following the link under Username or Full name and you can also use the Change password link to reset a user's password.
Use the following steps to delete, enable or disable an administrative user:
Choose one or more users by clicking the Select checkbox adjacent to the Username
Click the Delete, Enable or Disable button as appropriate.
A confirmation message will be displayed.
Use the following steps to select an administrative user:
Click the Username hyperlink for the user for which you wish to view or edit details.
The Admin Details page is displayed.
Use the following steps to change an administrative user's password:
Click the Change password hyperlink for the user whose password you wish to change.
The Change Password page is displayed.
Use the following steps to select all items that match the search criteria:
- Click the checkbox under the Select column to select or unselect all items. This allows you to perform the desired action on all selected items.
Warning
Important: The display of search results is limited to 400 records, however if you select all records, all records matching the search criteria will be affected by the action you choose to perform.
Warning
Performing the selected action on a large number of records may take a long time to complete and will generate the equivalent number of audit log records. Use this functionality on a large number of records diligently and only where strictly necessary.
Admin Details¶
Admins > Find Admin > Search Results > Admin Details
This page allows administrative personnel with the appropriate access rights to update administrative user information.
Note
System administrators have access to all admin users. Issuer administrators have access to business admin and helpdesk users.
The following admin details are displayed on this page:
Status
Can be either enabled or disabled. A user in a disabled state will not be able to login to the system.
Note
The main administrator cannot be disabled.
Last login
Shows the date and time of last login by the user of this administrative account.
Group
Indicates the level of access a user has in the administration server and cannot be changed. There access levels are:
System Admin
Issuer Admin
IT Security Admin
Member Admin
Business Admin
Helpdesk.
You can create a user at any one of these access levels with Read only access by selecting the Read only checkbox below.
Only administrators that belong to the System Admin and Issuer Admin groups have access to the Admins section and can create new admin users. Issuer Admin group users may only create Business Admin and Helpdesk users. System Admin users may create users at any and all levels.
Note
The main administrator's group cannot be changed.
Issuer or Issuer Group radio button
Specifies which issuer or issuer group the issuer admin user can access. Issuer admin users may be assigned to a previously defined issuer group rather than a single issuer, which enables them to manage multiple issuers.
Administrators who belong to System Admin group can always access all issuers and as such, issuer selection for system administrators is not required.
Username
A unique name used to identify the administrative user and used for logging into the administration server. The main administrator's username is always administrator and cannot be changed.
Full name
Optional user information that is stored for housekeeping purposes.
Email address
Optional user information that is stored for housekeeping purposes.
Contact number
Optional user information that is stored for housekeeping purposes.
Address
Optional user information that is stored for housekeeping purposes.
Change Password (Admins > Find Admin > Search Results > Change Password)
While administrators with a higher access level cannot access or see other admin passwords, they can reset or change other users' password. The newly selected password may only be valid for first login if "User must change password at next logon" option is selected.
Read only access checkbox
Select this checkbox if the user performs a support role that is not required to add records, edit details or upload files, for example.
Two-factor authentication login checkbox
Select this checkbox if you want to enable two-factor authentication when this user logs in.
Note
An email will be sent to the user with a QR code, to be used with Google Authenticator. To use this option, mail server must be configured in System Management > Settings. For more information, refer to Login.
Click the Apply button to save changes.
A confirmation message will be displayed.
OR
Click the Back button to return to the Search Results page without saving any changes.
Use the following steps to change an administrative user's password:
Username is displayed and cannot be changed.
Enter the new Password.
Confirm the new password in the Re-enter new password field.
Click the User must change the password at next logon checkbox, if required.
Click the Apply button to save changes.
A confirmation message will be displayed.
New Admin¶
Admins > New Admin
All ActiveAccess administrative users must be set up in this section.
Creating a new administrative user:
Status
Can be either enabled or disabled. A user in a disabled state will not be able to login to the system.
Group
Indicates the level of access a user has in the administration server. There access levels are:
System Admin
Issuer Admin
IT Security Admin
Member Admin
Business Admin
Helpdesk
You can create a user at any one of these access levels with Read only access by selecting the Read only access checkbox.
Only administrators that belong to the System Admin and Issuer Admin groups have access to the Admins section and can create new admin users.
System Admin users may create users at any and all levels. There is no interdependency between System Admin users and the other users they create.
Issuers or Issuer Groups
Choose the appropriate radio button and select an Issuer or an Issuer group from the drop down list.
Administrators who belong to the System Admin group can always access all issuers and as such, issuer selection for system administrators is not required.
Username
A unique name used to identify the administrative user and used for logging into the administration server. The main administrator's username is always administrator and cannot be changed.
Password
Enter a password
Re-enter password to confirm it.
Select the User must change password at next logon checkbox if you want this password to be valid for the user's first login only.
Select the Two-factor authentication login checkbox if you want to enable two factor authentication when this user logs in.
Note
An email will be sent to the user with a QR code, to be used with Google Authenticator. To use this option, mail server must be configured in System Management > Settings. For more information, refer to Login.
Full name
Optional user information that is stored for housekeeping purposes.
Email address
May be used by the system in order to send email notifications, if the appropriate option is configured by the system administrator.
If
Two-factor authentication loginis enabled, this email address will be used for sending a QR code to the user. Mail server must be configured in System Management > Settings.Contact number
Optional user information that is stored for housekeeping purposes.
Address
Optional user information that is stored for housekeeping purposes.
Read only access checkbox
Select this checkbox if the user performs a support role that is not required to add records, edit details or upload files, for example.
Click the Apply button to save changes.
A confirmation message will be displayed.
Note
For further information on individual fields, please refer to Admin Details.