Admin Users Documentation¶
Menu Location: Settings > Admin Users
Access Level: Administrator (with PERMISSION_ADMINUSERS)
Last Updated: 2026-03-01
Overview¶
The Admin Users page manages staff accounts with access to the admin panel. Create users, assign access levels, configure permissions, and control who can perform administrative functions.
Primary Functions:
- Create and manage admin user accounts
- Assign access levels (Full Admin, Customer Service, Warehouse, Driver, etc.)
- Configure granular permissions per user
- Manage passwords and account security
- Track admin activity and login history
- Suspend or delete user accounts
Access Levels¶
Full Admin¶
Complete access to all features and pages. Can view, edit, and delete everything.
Customer Service¶
Access to customer accounts, orders, and basic reports. Cannot access financials, settings, or user management.
Manager¶
Customer Service capabilities plus access to products, routes, and some settings. Cannot manage admin users or critical system settings.
Warehouse¶
Access only to inventory and packing features. Limited to warehouse operations.
Delivery Driver App Access¶
Access only to the mobile driver delivery app. Cannot access admin panel.
Labels & Routing¶
Access only to the Labels & Routing page for printing and route management.
Recipe Page¶
Access only to recipe management. For culinary staff.
Creating Admin Users¶
Add New User¶
- Click "Add Admin User" button
- Fill in required fields:
- Username (unique, minimum 3 characters)
- Password (strong passwords may be required)
- Access Level (select from dropdown)
- Optional fields:
- First Name, Last Name
- Email Address
- Company Data Source (if multi-company)
- Click "Create New Admin"
Password Requirements¶
If strong passwords enabled (common on production systems):
- Minimum 8 characters
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
Access Level Selection¶
Choose the most restrictive level that allows the user to do their job. You can always grant additional specific permissions after creation.
Permission System¶
Granular Permissions¶
After creating a user with an access level, you can fine-tune their permissions using checkboxes in the table:
Available Permissions:
- Permission to Edit All Admin Users
- Permission to View Customers
- Permission to Edit Products
- Permission to View Reports
- Permission to Manage Routes
- Permission to Process Payments
- Permission to Edit Settings
- (and more, varies by system)
Setting Permissions¶
- Locate user in the table
- Check boxes for permissions to grant
- Uncheck boxes for permissions to remove
- Click "Save Admin User Permissions" button at bottom
- Changes take effect immediately (user may need to re-login)
Permission Inheritance¶
Access levels come with default permissions. When you grant additional permissions, they ADD to the base level permissions.
Managing Existing Users¶
Edit User¶
Click wrench icon or username to edit:
- Change password
- Update contact information
- Modify access level
- Adjust settings
- View login history
Suspend User¶
Change access level to "Suspended" to temporarily disable without deleting:
- User cannot log in
- Data preserved
- Can be reactivated by changing back to active access level
Delete User¶
Click trash icon (localhost/Wayne only by default):
- Removes user account
- Deletes associated settings and info
- Cannot be undone
- Historical logs remain
Show/Hide Suspended Users¶
Toggle button to show or hide suspended accounts in the list.
Security Best Practices¶
Account Security¶
- Use unique usernames (never share logins)
- Enforce strong passwords
- Change passwords regularly
- Suspend terminated employees immediately
- Review active users quarterly
Least Privilege Principle¶
- Grant minimum necessary access
- Don't create Full Admin unless required
- Use specific permissions over broad access levels
- Review permissions when role changes
Monitoring¶
- Check User Log for unusual activity
- Review failed login attempts
- Audit permission changes
- Monitor admin actions in system logs
User Management¶
Driver Users¶
For delivery drivers:
- Create user with "Delivery Driver App Access" level
- Go to Drivers page
- Link driver profile to user account
- Driver can now log in to mobile app
Multi-Company Users¶
If your system has multiple company data sources:
- Assign user to specific company
- User only sees data for their company
- Prevents cross-company data access
Common Use Cases¶
Use Case 1: Onboard New Customer Service Rep¶
Goal: Give new hire appropriate access to help customers
Steps:
- Go to Admin Users
- Click "Add Admin User"
- Enter username (e.g., jsmith), strong password
- Enter first name, last name, email
- Select "Customer Service" access level
- Click "Create New Admin"
- Provide credentials to new employee
- Train on customer service functions
Use Case 2: Promote User to Manager¶
Goal: Grant additional permissions to existing user
Steps:
- Find user in table
- Click "Edit" (wrench icon)
- Change Access Level to "Manager"
- Save changes
- Review permissions table
- Grant any additional specific permissions needed
- Click "Save Admin User Permissions"
- Notify user of expanded access
Use Case 3: Suspend Terminated Employee¶
Goal: Immediately revoke access for departing staff
Steps:
- Go to Admin Users
- Find user in table
- Click "Edit"
- Change Access Level to "Suspended"
- Save changes
- Verify user cannot log in
- Document in HR records
Troubleshooting¶
User Can't Log In¶
Check:
- Username and password are correct (case-sensitive)
- Account is not suspended
- Account exists in system
- No recent password changes they're unaware of
User Missing Expected Permissions¶
Check:
- Access level is correct
- Specific permissions are checked in table
- User has refreshed/re-logged in
- No conflicting settings
Can't Create New User¶
Common Issues:
- Username already exists (must be unique)
- Password doesn't meet strength requirements
- Missing required fields (name/email if configured)
- Insufficient permissions to create users
Related Pages¶
- Admin User Edit (
admin-user.php) - Detailed user settings - User Log (
admin-user-log.php) - Activity history - Drivers - Link drivers to user accounts
- Settings - Configure password requirements
Permissions & Access¶
Required: PERMISSION_ADMINUSERS (checked at page load)
Only users with this permission can:
- View this page
- Create new admin users
- Edit existing users
- Manage permissions
- Delete users
Quick Reference Card¶
| Task | Action/Location |
|---|---|
| Add new user | Add Admin User button > Fill form > Create |
| Change access level | Edit user > Select new level > Save |
| Grant permission | Check box in table > Save Permissions |
| Suspend user | Edit user > Set to Suspended |
| Reset password | Edit user > Enter new password > Save |
| View login history | Edit user > User Log link |
| Link to driver | Admin Users table > Select driver from dropdown |
| Show suspended | Toggle "Show Suspended" button |
FAQs¶
Can users have multiple access levels?¶
No, each user has one access level plus additional granular permissions.
What happens when we change access level?¶
Base permissions change immediately. Custom permission checkboxes remain but may be overridden by new level.
Can deleted users be recovered?¶
No, deletion is permanent. Use "Suspended" instead if you might need to reactivate.
How do we audit admin actions?¶
Check User Log for individual users, or system logs for all admin activity.
Can customers have admin access?¶
Technically yes, but not recommended. Create separate admin account if customer needs admin access.
Change Log¶
2026-03-01¶
- Initial documentation created
- Covered access levels and permission system
- Documented user management workflows
- Added security best practices
End of Documentation
For additional help, contact your system administrator or Kiva Logic support.