Last update 28/09/2018

5. User management

On the User Management page, you can:

  • create new users
  • manage users’ passwords
  • deactivate users that are no longer active in the company
  • edit user details

The permitted number of users is displayed on the "User Management" menu page. Once the permitted number of users has been reached, the “New User” button will be disabled.

5.1 Create a new user

You can create a new user by clicking the “New User” button on the User Management page. The form that is displayed must be completed in order to submit a new user.

5.1.1 Pre-initialised details

The form contains three pre-initialised data fields:

  • REFID: name of entity the UserID is linked to (e.g. for a merchant his PSPID).
  • User Type: type of entity the UserID is linked to (e.g. for a merchant: “PSPID”).
  • User created by: the UserID of the user creating this new user / his user type / his REFID.

5.1.2 User details

The user details that need to be completed are:

  • USERID: the UserID (username) for the new user (min. 3 and max. 20 characters long, no spaces or special characters).
  • User’s name: the new user’s full name.
  • Email address: the new user’s email address (if in future a new password is triggered for this user, it will be sent to this email address).

5.1.3 Time zone

With the creation of a user, automatically the time zone of the PSPID is applied. Afterwards, the user can configure the time zone of his choice.

The time zone that the user chooses is applicable for all the back-office pages where the time is relevant. This way the user can also view and download transactions and files/reports in his own preferred time zone.

Moreover the time can automatically be adjusted to daylight saving changes, by selecting the same option.

5.1.4 Profile

See User profiles.

5.1.5 Scope limited to user

This can only be configured for the following profiles:

  • Encoder
  • Super-encoder
  • Super-encoder without refund

If enabled, Encoders will only be able to see and access transactions they have entered/initiated themselves. They will not be able to see/access any transactions entered by other users.

If enabled, the Super-encoders will only be able to see, access and perform maintenance operations on transactions they have entered/initiated themselves except for maintenance operations that are submitted via file upload. They will not be able to see/access/perform maintenance operations on any transactions that other users have entered.

5.1.6 Special user for API

If you want to create an applicative user (API user), you have to enable this option. The user you create will only be permitted application access and not back-office access via the website.

5.1.7 Access rights

The Reconciliation, Fraud detection, Payment methods and Technical information access rights can be enabled with their respective checkboxes.

These options can only be configured for the following profiles:

  • Viewer
  • Admin
  • Admin without user management

You can submit the user settings you entered by clicking the “Create” button. If any of the information has been incorrectly filled out, an error message will be displayed. Instead of the newly created user being sent his first password by email, a screen will be displayed showing the password our system created for him. This password can then be communicated to the new user.

5.2 Password management

You can send a new password to a specific user by clicking the “Send new password” button. The new password will be sent to the email address configured in the user’s details.

You cannot assign a new password to the user you logged on with yourself, or to the account’s default user.

If the account’s default user has lost his password, he can only request a new password via the “Lost your password?” link on the login page. On the next page, he should complete the PSPID and click the “Submit” button. An email containing a new password will be sent to the account's administrative e-mail address.

For API users there is no “Send new password” button. To change an API user's password, you have to use the "Change password" button. You will be redirected to a page where you can change the password manually.

For added security, you can also activate or deactivate two-factor authentication (2FA). Click here for more information.

5.3 Deactivate users

You can set a user to "inactive" by clicking the “Deactivate” button next to the user. When a user is inactive he is no longer allowed to log into the account and is no longer taken into account for the permitted number of users.

To display a full list of users (both active and inactive), you can click the “Show inactive users” button.

To be PCI compliant and for security reasons, you/we are not allowed to delete users.

5.4 Edit user details

To change a specific user’s details, you can click the “Edit” button next to that user. In the case of the default account user, only the name and email address can be changed.

5.5 IP address

To protect against unauthorized access to the Back-Office merchant accounts, users can give access to a specific IP address (or list of IP addresses) by registering the address(es) in the IP address field.

Users must log in using their account in order to configure this field. The IP address field is in Login Access under the Configuration > Users tab.

5.5.1 IP address user restrictions

Users will not be able to connect to the Back-Office if the IP address does not exist in the defined range.

However, if the IP address field is left blank then there will be no IP restrictions to the Back-Office.

The IP address of the administrator configuring the IP range must also be included in the defined range. Otherwise, the administrator will receive an error message and the IP address will not be saved.

5.5.2 IP address format and value

A strict IP address format must also be followed:
  • CIDR compliant, for example: 212.166.204.28/32.
  • Have a maximum length of 512 characters.
  • If you want to register multiple IP addresses, semi-colons must be used to separate them.

This website uses cookies to be able to give you the best user experience. If you don't want to accept these cookies, we allow you to change the cookie settings. Click 'Accept' to allow all cookies from this website.

Cookie settings

Introduction

Functional

Functional cookies are required for the website to operate correctly. These cookies cannot be disabled.

Optimized

Optimization cookies allow us to analyze site usage so we can measure and improve our website.
This is the default level.

Personalized

Personalization cookies are used for social media and advanced personalization. They allow us to show you information related to your company.


Example functionality allowed

  • Store country preference
  • Store language preference

Example functionality not allowed

  • Saving personal data
  • Anonymous tracking via Google Analytics
  • Tracking for remarketing purposes

Example functionality allowed

  • Store country preference
  • Store language preference
  • Anonymous tracking via Google Analytics

Example functionality not allowed

  • Saving personal data
  • Tracking for remarketing purposes

Example functionality allowed

  • Store country preference
  • Store language preference
  • Anonymous tracking via Google Analytics
  • Serve content relevant to your interests
  • Serve ads relevant to your interests
  • Tracking for remarketing purposes

Example functionality not allowed

  • Saving personal data