Security

The first user created for a merchant (the one created from the registration form) has a default role assigned. This role (Administrator) has all the access rights existent in the GlobalPay system.

69

Click on Add new Role button and you can create a new role. You have to give a role name and description and assign access rights from the list on the right of the form. When finished click Save and your role will be created. The role you have just created is visible in the grid. You can create as many roles as you like.

70

If you want to remove or add new access rights to a role, or simply modify the name or the description you can click on the Edit button from the grid.

71

And, of course, you can delete the roles you don’t need anymore using the Delete button from the grid.

Users Admin

When entering this section you see in grid all the users you have created and yourself. This are all the users associated with your merchant id.

72

Click on Add new User button and you can create a new user. In the new form that opens you need to provide a User Name and the correct e-mail. You can also assign the user one of the roles you previously have created. On Save the user will be saved and he will receive an email with the password.

73

A new user can also be created via API by submitting a POST HTTP request.

If you want to remove or add roles to that user or change his username or email you need to click on the Edit button in the grid. You can also generate a new password for that user from the Edit form. When clicking Generate new password an email will be sent to that user with the new password.

74

And, of course, you can delete the user accounts that do not serve you anymore using the Delete button from the grid.

Please be aware that if you assign a user a certain role (that contains specific access rights), that user will only have access to that restricted area defined by that role (and implicitly by the access rights).

Example: You provide User1 with Role1 that includes NotificationURL-Update access right and Signature-Update access right. This means that user 1 will only see two tabs when entering the dashboard: Account and Configuration. And he will have the right to Generate a new signature and modify the NotificationURL.

An update access right implicitly contains the view access right.

Example: If the user has only one role that only contains the access right Signature-Update, that user will be able to see the Signature section and update the signature.

If the user has only one role that contains only Signature-view, that user will be able to access the Signature section, but won’t be able to update the signature.