User & Role Management

✅ Introduction

What it does: Controls admin access and permissions to your SaaS platform Why it's useful: Ensures secure, role-based access to administrative functions Location: Admin Panel → Users & Roles

User and role management allows you to create admin accounts with specific permissions, ensuring proper access control for your administrative team. This is distinct from tenant user management, as it focuses on your staff who manage the SaaS platform itself.

✅ Accessing User & Role Management

Navigation Path

1. Login to Admin Panel
2. Navigate to Users → User List

Required Permissions

• admin.users.view - View admin users
• admin.users.create - Create admin users
• admin.users.edit - Edit user details
• admin.users.delete - Delete admin users
• admin.roles.view - View roles and permissions
• admin.roles.create - Create new roles
• admin.roles.edit - Edit role permissions

✅ Admin User Management

User List

Location: Admin Panel → Users → User List

View and manage all administrative users:

User Information:

• User ID and name
• Email address
• Assigned role(s)
• Active status
• Last login date/time
• Account creation date
• Department (if applicable)

Filtering Options:

• Filter by role
• Filter by status
• Filter by department
• Filter by creation date
• Search by name or email

Creating Admin Users

Location: Admin Panel → Users → Create User

Add new administrative staff to your platform:

Required Information:

• Full Name: User's complete name
• Email Address: Login email (must be unique)
• Password: Initial login password
• Role Assignment: Access control role

Optional Settings:

• Profile Picture: User avatar
• Department: Organizational unit
• Contact Number: Phone contact
• Address: Location information
• Status: Active or inactive
• Login Notification: Email on login

Editing Admin Users

Location: Admin Panel → Users → Edit User

Modify existing user accounts:

Editable Fields:

• Personal information
• Contact details
• Role assignments
• Department
• Status (active/inactive)
• Password reset

Important Notes:

• Email changes require verification
• Role changes take effect immediately
• Status changes may affect active sessions
• Password changes force re-login

Admin User Profiles

Location: Admin Panel → Profile

Each admin user has a profile page:

Profile Information:

• Personal details and contact info
• Role and permission summary
• Account activity history
• Session management
• Two-factor authentication setup
• API token management (if applicable)

✅ Role Management

Role List

Location: Admin Panel → Users → Roles

View and manage permission roles:

Role Information:

• Role name and description
• Permission summary
• Number of users assigned
• Default role status
• Creation and modification dates

Default Roles:

• Super Admin: Complete system access
• Administrator: General admin access
• Support: Customer support functions
• Billing: Payment and subscription access
• Content: Website management access

Creating Custom Roles

Location: Admin Panel → Users → Roles → Create Role

Define custom permission sets:

Required Information:

• Role Name: Descriptive title
• Role Slug: URL-friendly identifier
• Description: Role purpose explanation
• Permission Selection: Access rights

Role Options:

• Create from scratch
• Clone existing role
• Set as default for new users
• Mark as system role (protected)

Permission Management

Location: Admin Panel → Users → Roles → Edit Permissions

Configure granular access rights:

Permission Categories:

• Dashboard: Access to statistics and reports
• Tenants: Tenant management functions
• Subscriptions: Billing and payment features
• Plans: Subscription plan management
• Users: User administration tools
• WhatsApp: API configuration access
• Settings: System configuration options
• Website: Marketing site management
• Support: Help desk functions

Permission Levels:

• View: Read-only access
• Create: Ability to add new items
• Edit: Modify existing items
• Delete: Remove items
• Approve: Authorize actions
• Export: Download data
• Import: Upload data

✅ Department Management

Department List

Location: Admin Panel → Users → Departments

Organize users by organizational unit:

Department Information:

• Department name and description
• Number of users assigned
• Department manager
• Creation date

Default Departments:

• Management: Leadership team
• Support: Customer assistance
• Sales: Business development
• Technical: System administrators
• Finance: Billing and payments

Creating Departments

Location: Admin Panel → Users → Departments → Create Department

Add new organizational units:

Required Information:

• Department Name: Unit title
• Description: Purpose explanation
• Manager: Department head
• Parent Department: Hierarchical parent (optional)

✅ Activity Monitoring

User Activity Log

Location: Admin Panel → Users → Activity Log

Track administrative actions:

Log Information:

• User who performed action
• Action type and description
• Affected resource
• IP address
• Date and time
• Additional context
• Related tenant (if applicable)

Filtering Options:

• Filter by user
• Filter by action type
• Filter by date range
• Filter by IP address
• Search by description

Session Management

Location: Admin Panel → Users → Active Sessions

Monitor and control user logins:

Session Information:

• User details
• Login time
• Last activity
• IP address
• Browser and OS
• Device type
• Session status

Management Options:

• Terminate individual sessions
• Force logout for specific users
• Set session timeout policies
• Restrict concurrent logins
• IP-based access controls

✅ Security Features

Two-Factor Authentication

Location: Admin Panel → Settings → Security → 2FA

Enhance login security:

2FA Options:

• Optional: User choice to enable
• Required: Mandatory for all admins
• Role-Based: Required for specific roles
• Method Selection: App, SMS, or email
• Backup Codes: Emergency access

Password Policies

Location: Admin Panel → Settings → Security → Passwords

Set password requirements:

Policy Options:

• Minimum length requirement
• Complexity rules (special chars, numbers)
• Password expiration
• History enforcement (prevent reuse)
• Failed attempt lockout
• Password reset process

Login Restrictions

Location: Admin Panel → Settings → Security → Access Control

Control login access:

Restriction Options:

• IP whitelist/blacklist
• Country-based restrictions
• Time-of-day limitations
• Device restrictions
• Browser limitations
• Failed attempt handling

✅ Advanced Features

Impersonation

Location: Admin Panel → Users → User List → Impersonate

Temporarily access as another admin:

Impersonation Process:

1. Select user to impersonate
2. System creates temporary session
3. All actions logged as impersonation
4. Return to original account when done
5. Subject to permission controls

Bulk User Management

Location: Admin Panel → Users → Bulk Actions

Perform actions on multiple users:

Bulk Actions:

• Assign/change roles
• Update departments
• Enable/disable accounts
• Force password reset
• Export user data
• Send notifications

✅ Best Practices

• Least Privilege: Grant minimum needed permissions
• Role Separation: Create specific roles for job functions
• Regular Audits: Review user accounts and permissions
• Strong Authentication: Enforce 2FA for sensitive roles
• Activity Monitoring: Review logs for suspicious activity
• Offboarding Process: Prompt removal of departed staff
• Password Policy: Implement strong requirements
• Session Management: Set appropriate timeouts

✅ Troubleshooting

Common Issues:

• Permission Denied: Check role assignment
• Login Failures: Verify credentials and status
• Session Expiration: Check timeout settings
• 2FA Problems: Verify device synchronization
• Role Conflicts: Check for permission overlap
• Unexpected Access: Audit permission assignments
• Password Reset Issues: Check email delivery

Next Steps

After setting up your admin users and roles, proceed to WhatsApp Configuration to configure the core messaging functionality of your platform.