Search results for:
Table of Contents
WHMCS provides support for staff accounts, and the Staff Management page is where you can add, remove, and otherwise manage these staff accounts. This article will be going over the options available and the process of managing staff accounts in WHMCS.
The Staff Management page can be found through Setup -> Staff Management, where you can choose which section of staff management you need to manage.
The Administrator Users section allows you to view, add, remove, and otherwise manage the admin/staff users on your system.
All current accounts will be listed on the main page, split into active and Inactive. The buttons next to each user entry are for editing and removing that user, respectively.
To add an administrator, click the Add New Administrator button, and you will be presented with the following form:
The fields and options on this page are as follows:
This is the same form that will be presented to you when editing an existing admin.
Administrator roles are groups that you can assign admin users to apply permissions and policies to them in groups instead of all individuals. You can also use this to designate the exact position the user will be.
The first page in this section lists the existing Administrator Roles and lists of which admins are members of each group and buttons to edit or remove the group.
WHMCS provides ways to create a new admin role by either creating one from scratch or duplicating an existing group. The buttons to initiate each type of group creation are found at the top of the page.
After selecting to add a new role group, you will first be prompted to name the group. Give it a name that is descriptive of its duties and what permissions it will have.
Next, you will be prompted to select what permissions you want users within the group to have. The name of each permission is descriptive of what that permission allows the user to do or access.
You will also restrict their access to reports and specify what types of emails they can manage.
When selecting to duplicate an existing role group, it will ask you which group you wish to duplicate and what name you would like to give to the new one. Please give it a name that's descriptive of its duties and permissions.
You will then be presented with the same permissions selection page as when creating a new user, except it will be pre-populated with the values from the group you are duplicating. Modify the setting if you so wish, and save the settings.
WHMCS provides support for two-factor authentication (2FA) to increase security on client and admin accounts. When a user logs in with 2FA enabled, they will be prompted for another form of identification using a second device beyond just their username and password. Typically this is done by sending a code to a mobile phone via SMS or with a one-time code that expires and regenerates every 30 seconds.
On the Two Factor Authentication setup page, you are given the option to force clients, admins, or both to enable 2FA the next time they log in if they don't have it already.
WHMCS supports 3 types of 2FA:
WHMCS provides API support for the development of 3rd party applications that rely on its services. The Manage API Credentials page lets you create roles for access to specific components of the API and assign those roles to API credentials.
Before you can create API credentials, you have to make at least one API role in specifying your credentials wpermissionscredentials'
To create an API role, begin by selecting the API Roles tab and clicking the green Create API Role button, and you will be prompted with the following form:
Give the role a name that is descriptive of its duties or permissions, and you may give a description to describe those duties and permissions more in-depth. Then scroll through the different categories in the left-side panel and select what permissions from those categories this role should have. The full reference guide for the API calls can be found here.
After you've created at least one API role, you can create new API credentials for specific admin users by going to the API Credentials tab and clicking the green Generate New API Credential button. This will bring up the following form:
In this form, select which admin user the credentials are for, optionally give the credentials a description for their duties or permissions and then select which API Role(s) they should have (you can select multiple). Then click Generate, and you will be presented with the following information:
These are the identifier and secret keys used to authenticate access to WHMCS' API. You will give these to the admin user the credentials are for.
The identifier and secret key are not stored or viewable anywhere from within WHMCS after this screen. Make sure you copy and store them elsewhere before closing this box.
Written by Hostwinds Team / August 31, 2018