Versions Compared

Old Version 64

changes.mady.by.user Hunter Schaeffer

Saved on

compared with

New Version 69

changes.mady.by.user Hunter Schaeffer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

The user configuration page is where you configure the contact/login details of a user, update passwords for the user, as well as the user permissions and email notifications

Panel

Home Menu Configuration (Back Office) Users > Add or Edit user

Table of Contents

Image Removed

Image Removed

User Configuration Introduction

...

Section

...

Description

...

Contact Information

...

You only need to populate these fields for new passwords. The are intentionally left blank the rest of the time.

Tip

A secure password should contain both letters and numbers and not contain an English word or easily guessable value.

...

You only need to configure this if you are going to use UltraCart's FTP.

Tip

FTP: merchantftp.ultracart.com

User ID: <Your Merchant ID>/<Your Login ID>, Example: DEMO/johna

Password: Whatever you fill in the New FTP Password field.

...

You only need to configure this if you are going to use UltraSecure.

Tip

A secure password should contain both letters and numbers and not contain an English word or easily guessable value. This password will need to be different then your main

account password.

...

Please spend some time considering how to set these up. There could be security risks to your company if you are not careful with who has access to what areas of UltraCart.

...

Contact Information

The contact information applies to this individual user only. It is very important that you configure each user with correct names and emails for obvious reasons. When a user contacts support via phone or email regarding account information, our support personnel will use the information entered here to help make accurate identification. 

Image Removed

...

Field

...

Description

...

New Password

This section allows you to set a secure password for the new user or change the password for an existing user. 
Image Removed 
A secure password (8-25 characters) should contain both letters and numbers and not contain an English word or easily guessable value. The password has to be reentered into the confirm password field a second time (since the password is not visible the first time it's typed). A good technique for creating a safe password is to think of a memorable, but not easily guessable phrase, then use the first letter of each word plus an additional digit or two inserted somewhere within the password, so that the final password is not something that would be contained in the dictionary.

New FTP Password

This Section allows you to setup access to the account via FTP. This is mostly used for catalog and screen branding configuration.
Image Removed 

The Password here will need to be something different from the main password but again should contain both letters and numbers and not contain an English word or easily guessable value.

Related: FTP Server Access

UltraSecure One-Time Password Token

UltraCart supports two factor authentication on your UltraCart account to enhance the security of your account.  Two factor authentication means you have something you know (your regular password) and something you have (the token on your phone that is generating the one time password).  Previously UltraCart used physical tokens from CryptoCard (deprecated) and our own OTP application for Android (deprecated), but has now standardized on the open source project Google Authenticator that is available for all the major mobile phone platforms.  There are two primary benefits to using an OTP token:

  1. Enhanced security
  2. Removes the requirement for IP activation
  3. Removes the requirement for a password change every 90 days.

Image Removed

Related: UltraSecure OTP Tokens

Group Membership

Use group memberships to assign same permissions to multiple Users.

Image Removed

Permissions

Permissions allows you to set the level of access you want each user within your account to have. You should only grant each user the minimum permissions they need to perform their job tasks. 
Simply place a check in the box to the left of the permissions you want to grant to this user. 

Image Removed

...

Description

...

This is a special use setting typically configured on a user that is configured on the account specifically for use in API integration. Limiting this setting to users that are otherwise limited to very little access to the UltraCart backend improves security.

Info
titleIP Addresses (white-listing)

When configuring a user with API permission, you will also click on   [IP Addresses] then enter in the IP address(s) of the servers where you are implementing API scripts, this "white-listing" process protects against intrusion attempts where a hacker attempts to copy and edit your API implementation and then place their version on another website.

The "IP Addresses" field can hold about 15 IP addresses. You can use The asterisk character to apply an IP range. The wildcard format is ###.###.###.*

...

This gives a user access to the account's billing (SERVICE PLAN) area.

...

titleThis Permission also triggers Service Plan "Billing Activity" Notification emails

...

Table of Contents

The user configuration page is where you configure the contact/login details of a user, update passwords for the user, as well as the user permissions and email notifications

Panel

Home Menu Configuration (Back Office) Users > Add or Edit user

Table of Contents

Image Added

Image Added


User Configuration Introduction


There are six sections that can be configured for each user. This includes:

Section

Description

Contact Information

Mandatory Fields that can only seen by you and UltraCart staff
New Password

You only need to populate these fields for new passwords. The are intentionally left blank the rest of the time.

Tip

A secure password should contain both letters and numbers and not contain an English word or easily guessable value.


New FTP Password

You only need to configure this if you are going to use UltraCart's FTP.

Tip

FTP: merchantftp.ultracart.com

User ID: <Your Merchant ID>/<Your Login ID>, Example: DEMO/johna

Password: Whatever you fill in the New FTP Password field.


UltraSecure One-Time Password Token

You only need to configure this if you are going to use UltraSecure.

Tip

A secure password should contain both letters and numbers and not contain an English word or easily guessable value. This password will need to be different then your main

account password.


Permissions

Please spend some time considering how to set these up. There could be security risks to your company if you are not careful with who has access to what areas of UltraCart.

Email NotificationsEmail Notifications are what are sent to you when certain actions take place in your account. These are not for your customer, but for your information only.

Contact Information

The contact information applies to this individual user only. It is very important that you configure each user with correct names and emails for obvious reasons. When a user contacts support via phone or email regarding account information, our support personnel will use the information entered here to help make accurate identification. 

Image Added

Field

Description

LoginIn the login field, enter the user's first initial and last name. If there are very few users, then first names only are acceptable. This will be the login name that the user will use to access their account.
NamePlease enter the full name of the user.
EmailPlease enter the email address used to contact this user. It is very important to make sure this field is correct and a valid email.
PhonePlease enter the phone number used to contact the user.

New Password

This section allows you to set a secure password for the new user or change the password for an existing user. 
Image Added 
A secure password (8-25 characters) should contain both letters and numbers and not contain an English word or easily guessable value. The password has to be reentered into the confirm password field a second time (since the password is not visible the first time it's typed). A good technique for creating a safe password is to think of a memorable, but not easily guessable phrase, then use the first letter of each word plus an additional digit or two inserted somewhere within the password, so that the final password is not something that would be contained in the dictionary.

New FTP Password

This Section allows you to setup access to the account via FTP. This is mostly used for catalog and screen branding configuration.
Image Added 

The Password here will need to be something different from the main password but again should contain both letters and numbers and not contain an English word or easily guessable value.

Related: FTP Server Access

UltraSecure One-Time Password Token

UltraCart supports two factor authentication on your UltraCart account to enhance the security of your account.  Two factor authentication means you have something you know (your regular password) and something you have (the token on your phone that is generating the one time password).  Previously UltraCart used physical tokens from CryptoCard (deprecated) and our own OTP application for Android (deprecated), but has now standardized on the open source project Google Authenticator that is available for all the major mobile phone platforms.  There are two primary benefits to using an OTP token:

  1. Enhanced security
  2. Removes the requirement for IP activation
  3. Removes the requirement for a password change every 90 days.

Image Added

Related: UltraSecure OTP Tokens

Group Membership

Use group memberships to assign same permissions to multiple Users.

Image Added

Permissions

Permissions allows you to set the level of access you want each user within your account to have. You should only grant each user the minimum permissions they need to perform their job tasks. 
Simply place a check in the box to the left of the permissions you want to grant to this user. 

Image Added

Admin

(These permissions should be restricted to only those users that are administrators on the account.)

FieldDescription
Edit Servicer Plan

This gives a user access to the account's billing (SERVICE PLAN) area.

Info
titleThis Permission also triggers Service Plan "Billing Activity" Notification emails

Any user that has this permission configured will receive the automated service billing email notification for the account. This may confuse the user into thinking they are being charged when the message is indicating billing activity on the UltraCart account. Only give this permission to users on the account that need to be able to review the UltraCart related Service Plan billing activity and the updating of the billing credit card number on file.


Edit UsersNo one but the Owner on the account and/or a very trusted employee should have access to this permission. With this setting you can add or delete users whenever you want.

Advanced

FieldDescription
Affiliate ManagementAllows the user to navigate to the Affiliate Management location.

Configuration

FieldDescription
Edit Customer NotificationAllows the user to access the email notification section, which controls the emails sent to customers.
Edit Export SettingsAllows the user to use the Exporting Orders section. The user will also need the Edit Settings permission.
Edit Fraud RulesAllows user to access and edit the Fraud Prevention Rules
Edit Gift GivingAllows the user to make changes to the gift giving section of the checkout.
*The user will also need the permission to edit settings.
Edit Look and FeelAllows the user to make changes to the screen branding themes. Screen branding themes control the look and feel of your checkout pages.
Edit Return PolicyAllows the user to make changes to the global Return Policy page.
Edit Tax RatesAllows the user access to Sales Tax. The user will also need the Edit Setting permission.
FacebookAllows the user to access to configure the Facebook-UltraCart Integration.
Manage MarketingAllows the user to access the marketing section, which includes Emails and 3rd party Emails.

Conversations

FieldDescription
Phone SystemEnables access to the Phone System
SMS/Web Chat AdministratorEnable for administrators of the SMS/Chat
SMS/Web Chat UserEnable for users/operators of the SMS/Chat

Data Warehouse

Learn more

FieldDescription
Level 1 - Standard Access (No PII) (Owner Managed)
Level 2 - Low sensitive data (Owner Managed)
Level 3 - Medium sensitive data (Owner Managed)
Level 4 - High sensitive data (Owner Managed)

Items

FieldDescription
Destructive Import OptionsEnable only for users performing advanced Item Imports. This enables the "destructive" import options that erase/overwrite catalog assignments, related item assignments, item attributes, or delete items.
Edit ItemsAllows the user to make changes to the items configured within the account. This also includes adding and removing items from the account.
Edit ReviewsAllows the user to view and make changes to customer reviews.
View Items"Read only" permission to view the items and item editor but can't make changes to the items configuration.

Operations

Field

Description

Access Accounts ReceivableAllows the user to navigate to the Accounts Receivables location.
Access QuotationsAllows the user to go into the Quotes review location.
Access ReportsAllows the user to navigate to the Reporting location.
Access Reports without PIIAllows the user to navigate to the Reporting location, but restricts access to reports that contain PII (Personally Identifiable Information.)
Access Shipping DepartmentAllows the user to navigate to to the Shipping Department location.
API Access
([IP Addresses])

This is a special use setting typically configured on a user that is configured on the account specifically for use in API integration. Limiting this setting to users that are otherwise limited to very little access to the UltraCart backend improves security.

Info
titleIP Addresses (white-listing)

When configuring a user with API permission, you will also click on   [IP Addresses] then enter in the IP address(s) of the servers where you are implementing API scripts, this "white-listing" process protects against intrusion attempts where a hacker attempts to copy and edit your API implementation and then place their version on another website.

The "IP Addresses" field can hold about 15 IP addresses. You can use The asterisk character to apply an IP range. The wildcard format is ###.###.###.*


Accounts Receivable - Skip Payment ProcessingEnabling this permission, allows the A/R (viewing a specific order) to display the 'Skip Payment Processing' button , as well as the 'Authorize Orders' button, in the Payment processing section.
*Only enable if the user requires these actions as part of their role responsibilities.
Back End Order EntryAllows access to the Back End Order Entry (BEOE). Since the BEOE tool allows for overriding of item costs and shipping costs on-the-fly, you may choose to be selective about which users have access to the BEOE tool.
Back End Order Entry (Customer Profiles)Allows the user to access customer profiles search tool when using the BEOE tool.
Back End Order Entry (Prevent Direct Credit Card Entry)Select this to restrict direct credit card entry (for example to limit them only to the PII protected CC entry by the customer via phone call.
Delete OrderDeleting an order removes it from your system there is no way to get it back.
Edit CatalogAllow the user access to the Catalog configuration pages. (Applies only to the deprecated legacy catalog system)
Edit OrderAllows the user to Edit, Delete and make changes to customers orders.
Edit SettingsAllows the user access to the configuration section.
Edit Tax RatesManage Auto OrdersAllows the user to have access to Sales Taxto review or make changes to auto orders. The user will also need the permission to Review Orders.
Manage ChargebacksAllows the user to access the Chargeback Processing section. The user will also need the Edit Setting setting permission.
Edit UsersNo one but the Owner on the account and/or a very trusted employee should have access to this permission. With this setting you can add or delete users whenever you want.
FacebookManage Customer ProfilesAllow the user to have access to the Customer Profiles section. This will allow the user to edit, delete, and add customer profiles.
Manage Gift CertificatesAllows the user to access to configure the Facebook-UltraCart Integration.Manage Auto Ordersedit and create Gift certificates within the marketing section.
Refund OrderAllows the user to have access to review or make changes to auto orders. The user will also need the permission to Review Orders.Manage Chargebacksissue a refund on orders.
Review OrdersAllows the user to access into the Chargeback Processing Order Management section. The user will also need the Edit setting permission.
Manage Customer ProfilesAllow the user to have access to the Customer Profiles section. This will allow the user to edit, delete, and add customer profiles.
Manage Gift CertificatesAllows the user to edit and create Gift certificates within the marketing section.
Manage MarketingAllows the user to access the marketing section, which includes Emails and 3rd party Emails.
RecordingsAllows user to access the shopping session recordings.
Refund OrderAllows the user to issue a refund on orders.
Review OrdersAllows the user access into the Order Management section.
View Amazon PIIEnable this for users that are reviewing orders and need to be able to see the Personally Identifiable Information.
View ItemsRead only permission to view the items and item editor but can't make changes to the items configuration.
Edit StoreFrontAllows user to access the storefront menu.
Edit StoreFront - Download Lists/SegmentsAllows the user to download Email Lists and Email Segments from the Storefront Communications.
Edit StoreFront - Use CommunicationAllows the user to access the Communications menu within the Storefronts menu
View Amazon PIIEnable this for users that are reviewing orders and need to be able to see the Personally Identifiable Information.
Edit StoreFrontAllows user to access the storefront menu.
Edit StoreFront - Download Lists/SegmentsAllows the user to download Email Lists and Email Segments from the Storefront Communications.
Edit StoreFront - Use CommunicationAllows the user to access the Communications menu within the Storefronts menu.

Storefronts

FieldDescription
Communications - Download Lists/SegmentsEnable for marketing users that may require access to this customer data
Communications - ReadonlyAllow 'Read only' access to the Communications area.
Communications - UseAllow editable access to the Communications area.
Full AccessAllow editable access to the Communications area. Enable for users with role to create and edit Flows, Campaigns, etc.
RecordingsAllows user to access the shopping session recordings.
Upsells - ReadonlyAllow 'Read Only' access to the upsells area to review but not edit the flows. If unchecked, the user will have create/edit/delete permissions.
Visual Builder Enable/Disable Protected ContentAllows user to enable/Disable protected content within the Storefront Visual Builder editor. Enable only for the admin users.

Email Notification

Just like Permissions the Email Notification section allow you to set each user with their own set of email notifications. This allows you to have one user that only handles order that need to be shipped or another user that is looking at auto order (recurring orders).

Simply place a check in the box to the left of the notification you want to grant to this user. 

...


Image Added

The Configurable Email Notifications Appear in Sections

...

Channel Partners

Notifications related to sales activity on eBay
FieldDescriptioneBay
eBayNotifications related to sales activity on eBay.

Conversations

FieldDescription
Unread SMS messagesEnable for users that are users of the SMS Conversations, to notify them when a SMS message has been received that needs follow up.

Customers

FieldDescription
Auto Order CancellationsSelect this checkbox to be notified whenever an auto order is cancelled.
Auto OrdersSelect this box to be alerted to any problem with processing of a scheduled auto order.
(The message will include reference to the auto order customer and the transaction response recorded from the gateway.)
Customer FeedbackSelect this box to receive notifications related to the "Case Management" tool that is part of the "My Account, Customer Portal"
Wholesale SignupSelect this box to receive notifications related to Wholesale Signups

...

FieldDescription
Integration Log Health Report
Sends a daily email notification related to the account integrations.

See also the integration logs reports in the reporting area:
  • Integration Logs - AllProvides a snapshot view of the integration logs unfiltered.
  • Integration Logs - CriticalProvides a snapshot view of the integration logs filtered on critical errors.
  • Integration Logs - ErrorsProvides a snapshot view of the integration logs filtered on all errors/warnings.


Info
titleDaily Integration Health Report Delivery

The report will only be sent if there are 1 or more critical issues in the log reports.

PLEASE NOTE: Starting on August 1, 2021, if your account does not have at least one user with the notification enabled, UltraCart will send the notification to all users on the account with edit settings permissions.


...

Marketing

FieldDescription
Auto ResponderStorefront CommunicationsIf checked, user receives notifications related to activity/errors occurring with the UltraCart autoresponder tool.Email Campaign JobIf Checked, user receives notifications related to activity/erros occurring with a UltraCart Email Campaign toolStorefront Communications email campaigns and flows..

Orders > Overall

FieldDescription

Order Placed

If checked, user receives notification whenever an order is placed.

This notification has the following optional settings:

OptionDescription
 Include Order Details
  • If checked, the notifications will include the order details in the body of the message.
  • If not checked,  the notification will only have a hyperlink appearing in the body of the message,
    which when clicked will take the merchant to the order in the UltraCart backend.
 Include UltraROI DetailsIf checked, the notifications will include the order details and the UltraROI is configured on the account, UltraROI details will be included in the body of the message.
Include Affiliate DetailsIf not checked,  the notification will only have a hyperlink appearing in the body of the message,
which when clicked will take the merchant to the order in the UltraCart backend. Include UltraROI and the UltraCart Affiliate Management system is configured, will include Affiliate details (when applicable.)


Orders > Payments

FieldDescription
Fraud Review

Sends notification whenever an order triggers a Fraud Review rule configured in the Fraud Prevention configuration page.

OptionDescription
Include Order Details
  • If checked,
and the UltraROI is configured on the account, UltraROI details will be included in the body of the message.Include Affiliate
  • the notifications will include the order details in the body of the message.


Process Credit Card Payment

Check this box to have UltraCart send notification any time a credit card order needs to be processed.

FieldDescription
Fraud ReviewSends notification whenever an order triggers a Fraud Review rule configured in the Fraud Prevention configuration page
OptionDescription
Include Order Details
  • If checked,
and the UltraCart Affiliate Management system is configured,
  • the notifications will include
Affiliate details (when applicable.)

Orders > Payments

credit card order needs to be processed.
  • the order details in the body of the message.


Process PayPal Payment

Check this box to have UltraCart send notification any time a PayPal order needs to be processed.

OptionDescription
Include Order Details
  • If checked, the notifications will include the order details in the body of the message.
Process Credit Card Payment


Queued Refund Failure

Check this box to have UltraCart send notification any time a

OptionDescription
Include Order Details
  • If checked, the notifications will include the order details in the body of the message.
Process PayPal PaymentCheck this box to have UltraCart send notification any time a PayPal order needs to be processed

Queued Partial Refund failure occurs for an order.


Info
title Only applicable to Rotating Gateways

This notification only applies to rotating gateways configurations that have the 'Batch Cutoff Times' section configured.

*If you configure the batch cut-off time for this gateway, partial refunds that occur before the batch has closed out will be queued for processing 12 hours after the batch has closed.


OptionDescription
Include Order Details
  • If checked, the notifications will include the order details in the body of the message.


Quotation Request

Check this box to have UltraCart send notification any time a quote request is generated.


OptionDescription
Include Order Details
  • If checked, the notifications will include the order details in the body of the message.


...