Managing Users, Groups, and Email Notifications

Staff members who need to log into SOLO Server must be assigned their own User ID and Password. Each user can be assigned specific permissions and notifications within SOLO Server, such as the ability to add or edit licenses. The User ID is also logged for certain actions performed in SOLO Server, allowing you to see who added or last modified a record.

Users can also be placed into groups, and will inherit any permissions given to the group. Any additional permissions given to a user will override the group settings. This allows administrators to quickly assign a unique set of permissions while still having flexibility to enable additional permissions per user.

The first User ID assigned to an Author account has the permission to add and manage other users as well as groups.

Important

For SOLO Server Dedicated URL instances hosted by SoftwareKey, SoftwareKey Support Users cannot be edited.

Video Walk-Through

Watch the following video for a walk-through of the same information presented in this topic:

Adding a New User

You can access the Users page through the top-right menu: (User Name) / Users

A listing of current users will be displayed. Press the Add New button to add a new user. Here is an example screenshot:

When adding a new user, you can optionally send a custom Welcome Mailing that you have configured. See Configuring Custom Mailings and User Welcome Mailings for details on supported search/replace parameters for this mailing.

We recommend enabling the Force Password Change property when adding a new user or changing the password for an existing user. The user will be prompted to change their password once they successfully login with the password you provided them.

For setting the other properties, it is easiest to simply assign the user to a group since the user will inherit all the enabled group properties. By default, SOLO Server automatically creates the Administrators, Power Users, and Customer Service Rep groups with appropriate properties enabled for each. You can review and adjust these default groups and/or create new groups for the various departments across your organization. You can access the Groups page through the top-right menu: (User Name) / Groups / Roles:

See the Properties section below for more details on each property. The properties that start with "Notify" will send an email notification to the user based on specific circumstances.

Important

For security reasons, certain SOLO Server web services require the following to be passed to the web method:

Author ID
API User ID
API User Password

If you are using any of the web methods that require these values as inputs, you need to create a user with the Integration User property enabled, An Intergration User will be used exclusively for the web services, and cannot log into the SOLO Server author interface.

See the Web Service Security section for more details on adding an Integration User.

Resetting a Locked User Account

SOLO Server performs a velocity check against failed logins by both User ID and IP Address, and will automatically lock out a User ID and IP address which makes multiple failed login attempts in a short period of time. This prevents brute force attacks to gain access to the SOLO Server administrative interface. Unfortunately, this sometimes results in a user being locked out inadvertently. When this occurs, you can unblock the user account by pressing the Reset Login Check button at the top of the page when viewing the user details.

View User Audit History

All changes to user accounts are audited. To view the audit history for a user, simply click the "View Audit History" button in the page heading. See Viewing Audit History for more details.

Properties

Users and groups are defined by the following properties (note that some properties are not shared among users/groups - this will be noted):

General Information - Users

User ID: This is what the user will use to log into the administration interface. This is typically a number or last name and first initial. This is only editable when creating a new user. Once the user is created, this cannot be changed.
Password: The user's password, used to log into the administration interface along with the User ID. When adding a new user, this is a required field. When updating an existing user, leave this field blank to leave the password as is, or enter a new password to change the password. By default, when adding a new user, this will be pre-populated with a random password. Click "Generate New Password" to generate a new random password. When creating a new user or changing the password on an existing user, be sure to record the password prior to saving the change, as the password cannot be displayed once saved.
Last Login: Read only. The date/time of the last login for the user.
Last Login IP: Read only. The IP address of the last login for the user. Click the IP adddress to perform a lookup on the IP address in a new window.
Entered By/Entered Date: Read only. The User ID which entered the user and the date/time the user was entered into the system.
Modified By/Modified Date: Read only. The User ID who last modified the user and the date/time the modification was made.
User Name: The user's real name.
E-Mail: The user's email address. This is the email address any notifications the user is signed up for will be sent to.
Welcome Mailing: When adding a new user, optionally choose a mailing to send to the new user after account creation. See User Welcome Mailings for details on supported search/replace parameters for this mailing.

General Information - Groups

Group Name: The name of the group.
Entered By/Entered Date: Read only. The User ID which entered the user and the date/time the user was entered into the system.
Modified By/Modified Date: Read only. The User ID who last modified the user and the date/time the modification was made.

Settings - Users

Group: The group the user is assigned to.
Order Level: Order Level can be used to restrict users from not having access to certain products. Users must have at least the order level specified on a product to have access to the product. For example, if you set a product's order level to 10 and you leave a users order level at 0, that user will not see the product.
Outside Access: This can be used to only allow a user to log in from a certain IP address or range of IP addresses. It requires you to enter an IP address and subnet mask. It must be entered in the following format xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy|xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy. The | (pipe) separates the IP addresss. If you give a subnet of 255.0.0.0 and IP of 65.12.12.12, anyone with a 65. IP address will be allowed to enter. Note that currently only IPv4 addresses are supported.
Change Password: Check this to force the user to change their password the next time they log in.
Enabled: Whether the user is enabled. If this box is not checked, this user will not be allowed to log in. When editing your own user account, you will be prompted for confirmation if you uncheck this, as you will immediately be locked out of your account upon saving the setting.
Master User ID: Grants access to senior level administrative functionality and access to all authors on the system. Master User access is not available to authors using SOLO Server Shared URL.
Global Access: If this box is checked, the user has global access for reports and customer searching.
Read Only: If this box is checked, the user has read only access - they can view anything allowed by other permissions, but cannot change anything. When editing your own user account, you will be prompted for confirmation if you check this, as you will immediately be locked out of making any further changes in SOLO upon saving the setting.
Integration User: Whether the user account is used for an integration with SOLO Server web services. When set, the user account can only be used for web service calls to SOLO Server and cannot be used to log in to the administrative interface. In addition the user account will be assigned API credentials to use for authenticating with the web services as outlined below. Note that this will be hidden when editing your own user account to prevent accidentally locking the account out of SOLO Server.
API Credentials: Available when the user is marked as an integration user. Credentials for use authenticating with SOLO Server web service methods which require user authentication. These will be automatically generated when marking a user as an integration user. To generate new credentials, click the Generate New Credentials button. Note that generating new credentials will immediately invalidate the existing credentials, which will cause integrations using these credentials to stop working until they are updated with the new credentials.
API User ID: The API User ID for web service API calls. This is passed in the userID parameter for parameterized web methods, and the UserID element for XML based web methods.
API User Password: The API User password for web service API calls. This is passed in the userPassword parameter for parameterized web methods, and the UserPassword element for XML based web methods.

Settings - Groups

Description: A short description of the group.
Outside Access: This can be used to only allow a user to log in from a certain IP address or range of IP addresses. It requires you to enter an IP address and subnet mask. It must be entered in the following format xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy|xxx.xxx.xxx.xxx:yyy.yyy.yyy.yyy. The | (pipe) separates the IP addresss. If you give a subnet of 255.0.0.0 and IP of 65.12.12.12, anyone with a 65. IP address will be allowed to enter.
Read Only: If this box is checked, the group has read only access - users in the group can view anything allowed by other permissions, but cannot change anything.

Master User ID Only - Users and Groups

The following permissions/notification settings can only be set by users with Master User access - they will not be displayed for other users. Master User access is not available to authors using SOLO Server Shared URL.

Accounting Reports: Whether the user has permission to access advanced accounting reports.
Issue Chargeback: Whether the user has permission to issue a credit card chargeback.
Issue RMAs: Whether the user has permission to issue RMAs.
View Password: Whether the user has permission to view customer passwords. Note that implementation of this permission is currently a work in progress.
View CC Numbers: Whether the user has permission to view credit card numbers. If this is not checked, users will only see the last 4 numbers of credit cards.
Notify Registrations: Whether the user will receive email notification email when a customer registers a product.
Notify Chargebacks: Whether the user will receive email notification of any chargebacks.
Notify Errors: Whether the user will receive email notification of any errors generated during credit processing of online checkouts.
Notify Referrals: Whether the user will receive email notification of any referrals returned by the payment gateway.
Notify Duplicates: Whether the user will receive email notification of any duplicate charges run against the payment gateway.
Notify Author Signups: Whether the user will receive an email notification when a new author signs up.

Report Access - Users and Groups

Report Access: Whether the user has access to basic reports.
Financial Access: Whether the user has access to extended sales and financial reports.
Shipping Reports Access: Whether the user has access to shipping reports.
Sales Reports Access: Whether the user has access to sales reports.
Pending & Declined Reports: Whether the user has permission to view the pending orders and declined orders reports.

User Permissions - Users and Groups

Manage Account: Whether the user has permission to update company contact information. For SOLO Server Shared or Dedicated URL, this also controls whether the user also has permission to update company billing information. Users with this permission will also receive email notifications when either the contact or billing information of their author account is updated.

This can only be granted by users with either Master User or Manage Account permission.
Add Tickets: Whether the user has permission to add new tickets.
Edit Tickets: Whether the user has permission to edit existing tickets.
Ticket FAQ KB: Whether the user has permission to mark tickets to be included in the FAQs and the Knowledge Base.
Manage Storefront/Files: Whether the user has permission to manage the virtual storefront and upload files.
Manage Records: Whether the user has permission to transfer licenses, merge customers, and edit ticket notes.
Manage Users: Whether the user has permission to manage users. When editing your own user account, you will be prompted for confirmation if you uncheck this, as you will immediately be unable to make any further permissions changes upon saving the setting.
Manage Groups: Whether the user has permission to manage groups.
Reset Activation Count: Whether the user has permission to reset the activation count on licenses whose activations have run down to zero.
Issue Store Credit: Whether the user has permission to issue store credits.
Manage Mailings: Whether the user has permission to view and edit mailings.
Override Rules: Whether the user has permission to override product option rules that are marked "Allow User Override".

Customer/License Access - Users and Groups

Add Single Customer: Whether the user has permission to add a single customer.
Add Multiple Customers: Whether the user has permission to add multiple customers/licenses.
Edit Customers: Whether the user has permission to edit customer records.
Add Licenses: Whether the user has permission to add licenses.
Edit Licenses: Whether the user has permission to edit licenses.
Bulk Modify Licenses: Whether the user has permission to bulk modify licenses.
Activate Licenses: Whether the user has permission to activate licenses.
Manage Installations: Whether the user has permission to deactivate/reactivate installations.
Add Invoices: Whether the user has permission to add invoices.
Edit Invoices: Whether the user has permission to edit invoices.
Void Invoices: Whether the user has permission to void invoices.
Invoice Charge Credit Card: Whether the user has permission to charge credit cards on the invoice add/edit page.
Issue Refund: Whether the user has permission to issue a refund.

Notify Emails - Users and Groups

Notify Trial DL: Whether the user will receive an email notification when a customer downloads a trial.
Notify Orders: Whether the user will receive an email notification when a customer makes a purchase. Note that this cannot be checked if Notify Orders Shipping is checked.
Notify Orders Shipping: Whether the user will receive notification email when a customer purchases a product that has a shipping amount greater than zero. Electronic orders are not notified. This could be used for a user in the shipping department who does not need to know about electronic orders. Note that this cannot be checked if Notify Orders is checked.
Notify Affiliates: Whether the user will receive an email notification when a new affiliate signs up to sell your product
Notify Logins: Whether the user will receive an email notification when a SOLO Server user logs into SOLO Server.
Notify Ticket Assignments: Whether the user will receive an email notification when a ticket is assigned to them.
Notify Hard Declines: Whether the user will receive email notification of any hard declines.
Notify Soft Declines: Whether the user will receive email notification of any soft declines.
Notify Forgot PW: Whether the user will receive email notification when a customer is unable to recover a lost password.

Products/Distributors - Users and Groups

Add Distributors: Whether the user has permission to add new Distributors/Affiliates.
Edit Distributors: Whether the user has permission to edit Distributors/Affiliates.
Export Distributors: Whether the user has permission to export the Distributor/Affiliate list.
Add Products: Whether the user has permission to add products and product options.
Edit Products: Whether the user has permission to edit products and product options.
View Products: Whether the user has permission to view products.
Edit Catalog: Whether the user has permission to edit the product catalog (not used yet - reserved for future product catalog).
Manage Inventory: Whether the user has permission to view the Manage Inventory page and update inventory levels.

Payment Plans - Users and Groups

Create Payment Plan: Whether the user has permission to create payment plans.
Edit Payment Plan: Whether the user has permission to edit payment plans.
Edit Payment Plan Instance: Whether the user has permission to edit payment plan instances.
Create Stored Payment: Whether the user has permission to create stored payments.
Edit Stored Payment: Whether the user has permission to edit stored payments.
Notify Successful Payment Plan Payments: Whether the user will receive email notification for successful payment plan payment installments.
Notify Declined Payment Plan Payments: Whether the user will receive email notification for declined payment plan payment installments. In addition, users with this permission will receive an email notification when a customer updating their recurring payment details through the Customer License Portal encounter a decline from the test authorization performed to verify the credit card details.
Notify Final Declined Payment Plan Payments: Whether the user will receive email notification for the final declined payment plan payment installment. In addition, users with this permission will also receive email notification when a payment plan instance is canceled either by an administrator or by the customer through the Customer License Portal.