Skip to content

Roles and permissions

Roles and permissions are used to give users the correct access to various system functionality relating to their business roles. A user may have multiple roles. ActiveServer comes with pre-defined user roles:

  • System admin - for managing the technical upkeep for the instance, including deployment and licensing, directory server connection management, system settings management plus monitoring system notifications.
    • Page access: Directory servers, Deployment, Audit logs, Settings, About, Profile, System notifications.
  • User admin - for managing users for the instance, including assigning roles. This role is able to see all merchants in the system to enable it to assign a merchant to a single scope user. There must always be one user with this role.
    • Page access: Merchants, User Management.
  • Business admin - for managing the business processes for all merchants on the instance, including viewing dashboard statistics, managing merchant functions and viewing transaction history.
    • Page access: Dashboard, Merchants, Transactions, Profile.
  • Merchant admin - for managing the business processes for a single merchant on the instance, including viewing dashboard statistics, managing merchant details and viewing transaction history.
    • Page access: Dashboard, Merchants, Transactions, Profile.
  • Merchant - for users who require read only access to a single merchant on the instance, including viewing dashboard statistics, viewing merchant details and viewing transaction history.
    • Page access: Dashboard, Merchants, Transactions, Profile.

Permission scope

Each user role has a level of scope attached to allow a User admin user to define the correct level of access to entities within the system.

Merchant scope

In relation to Merchants, scope indicates whether the user will be able to access all merchants and their information (e.g. statistics, details, transactions), or just allow access to a single merchant's information:

  • All scope - The Business admin role has authority over all merchants. This allows them to select all merchants when viewing dashboard statistics, search/edit/create/delete all merchants and view transactions for all merchants in the system. The User admin has access to viewing merchant details for the purposes of assigning merchants to single scope users.
  • Single scope - The Merchant admin and Merchant roles have authority over a single merchant only. After a merchant is assigned to their profile, they can access only that merchant's dashboard statistics, merchant details and transactions.
  • No scope - The System admin role does not have any permissions relating to managing merchants, and therefore is not able to access any pages with merchant functionality.

This separation of duties allows clients managing multiple merchants in a single system, such as Payment Service Providers, to give granular control to individual merchants if required.

Important

If a user is assigned roles that have both All and Single scope, the All scope will take precedence.

Assigning merchants

If a user has Single scope level access in relation to merchants, a User admin can assign them an already created merchant to manage.

If the user already has a merchant assigned to them, this can be overwritten in their profile but they cannot have more than merchant at a time.

Permission list table

The following table provides a detailed view of the specific permissions granted to the user roles. The Scope column indicates permissions that have a scope attached to it where appropriate.

User Note

Through this document you will see these User Note boxes, which indicate what features are available to specific user roles.

PageSub pagePermissionScopeSystem AdminUser AdminBusiness AdminMerchant AdminMerchant
DashboardView all merchant statisticsAll merchants
View merchant statisticsSingle merchant
MerchantsSearchView all merchant detailsAll merchants
View merchant detailsSingle merchant
Create multiple merchantsAll merchants
Delete multiple merchantsAll merchants
Merchant SettingsView all merchant detailsAll merchants
View merchant detailsSingle merchant
Edit all merchant detailsAll merchants
Edit merchant detailsSingle merchant
View all merchant notesAll merchants
Edit all merchant notesAll merchants
Edit all merchant enabled statusAll merchants
Download all merchant certificatesAll merchants
Download merchant certificateSingle merchant
Revoke all merchant certificatesAll merchants
Revoke merchant certificatesSingle merchant
Rotate all merchants encryption keyAll merchants
Rotate merchant encryption keySingle merchant
AcquirerView acquirers
Create acquirer
Edit acquirer
Delete acquirer
Directory ServersView Directory Server settings
Edit Directory Server settings
View Directory Server certificates
Edit Directory Server certificates
TransactionsView all merchant transactionsAll merchants
View merchant transactionsSingle merchant
DeploymentNodesView deployment information
Edit deployment information
Activation StatusView activation details
Edit product activation information
User ManagementSearchView all users detailsAll users
Add users
Delete users
DetailsEdit all users detailsAll users
Edit all users rolesAll users
Edit all users statusAll users
Audit LogsView all audit logs
SettingsSystemView system settings
Edit system settings
SecurityView security settings
Edit security settings
3D Secure 2View 3D Secure 2 settings
Edit 3D Secure 2 settings
AboutView details
User profileEdit profileView user detailsSingle user
Edit user detailsSingle user
NotificationsView system notifications
View user notifications
Reset PasswordReset password