User Configuration Screen
- 2 User Configuration Introduction
- 2.1 Contact Information
- 2.2 New Password
- 2.3 New FTP Password
- 2.4 UltraSecure One-Time Password Token
- 2.5 Group Membership
- 2.6 Permissions
- 2.6.1 Admin
- 2.6.2 Advanced
- 2.6.3 Configuration
- 2.6.4 Conversations
- 2.6.5 Data Warehouse
- 2.6.6 Development
- 2.6.7 Items
- 2.6.8 Operations
- 2.6.9 Operations - Bulk
- 2.6.10 Storefronts
- 2.7 Email Notification
- 3 Frequently Asked Questions
- 3.1 Question: "Where can I enter the email addresses of the people in my company who should be notified when an order is placed"
- 3.2 Question: "Recently we've been missing some email notifications of orders, and in a couple of cases the emails are showing up hours later. Why might this happen?"
- 3.3 Question: "Is there a way to get text alerts when new orders come in? Sometimes we get folks to order online past our normal business hours and we were wondering if Ultracart could send text notifications to our cell phones?"
- 3.4 Question: "I was attempting to edit a user and the login changed from the users' login to my own, why?"
- 3.5 Password Manager
- 4 Related Documentation
Introduction
The User Configuration Screen allows administrators to manage user accounts within UltraCart. This includes:
Contact and login details
Password and security settings
Permissions and access control
Email notification preferences
This screen is essential for controlling who can access specific areas of your UltraCart account and what actions they are allowed to perform.
Navigation:Home Menu → Configuration (Account and Users) → Users → Add or Edit User
Prerequisites
Before adding, editing, or removing users, ensure the following:
Prerequisite: The logged-in user must have the Edit Users permission enabled.
This permission is located under:
Permissions → Admin → Edit UsersOnly highly trusted users or account administrators should be granted this permission due to its broad access capabilities.
The ‘Owner User’ cannot be edited by any other user.
Warning: Users without this permission will not be able to create, modify, or delete user accounts.
Understanding Permission Restrictions
UltraCart uses a granular permission system to control access across all areas of the platform.
Permission Denied Messages
If a user attempts to access a feature without the required permissions, they may encounter a:
Permission Denied
Access Restricted
Insufficient Permissions
message within the interface.
Note: These messages typically indicate that the user is missing one or more required permissions for that specific area or functionality.
How to Resolve Permission Issues
If a user encounters a permission error:
Identify the area or feature they attempted to access.
Relay the error message and context to the account administrator.
The administrator should:
Review the required permissions for that feature
Determine whether access should be granted
Update the user’s permissions accordingly
Tip: Permission errors are intentional safeguards. Only grant access that aligns with the user’s role and responsibilities.
User Configuration Introduction
There are six sections that can be configured for each user. This includes:
Section | Description |
|---|---|
Contact Information | Mandatory Fields that can only seen by you and UltraCart staff |
New Password | You only need to populate these fields for new passwords. The are intentionally left blank the rest of the time. A secure password should contain both letters and numbers and not contain an English word or easily guessable value. |
New FTP Password | You only need to configure this if you are going to use UltraCart's FTP. FTP URL: User ID: <Your Merchant ID>/<Your Login ID> (Example: Password: Whatever you fill in the New FTP Password field. |
UltraSecure One-Time Password Token | You only need to configure this if you are going to use UltraSecure. A secure password should contain both letters and numbers and not contain an English word or easily guessable value. This password will need to be different then your main account password. |
Permissions | Please spend some time considering how to set these up. There could be security risks to your company if you are not careful with who has access to what areas of UltraCart. |
Email Notifications | Email Notifications are what are sent to you when certain actions take place in your account. These are not for your customer, but for your information only. |
Contact Information
The contact information applies to this individual user only. It is very important that you configure each user with correct names and emails for obvious reasons. When a user contacts support via phone or email regarding account information, our support personnel will use the information entered here to help make accurate identification.
Field | Description |
|---|---|
Login | In the login field, enter the user's first initial and last name. If there are very few users, then first names only are acceptable. This will be the login name that the user will use to access their account. |
Name | Please enter the full name of the user. |
Please enter the email address used to contact this user. It is very important to make sure this field is correct and a valid email. | |
Phone | Please enter the phone number used to contact the user. |
New Password
This section allows you to set a secure password for the new user or change the password for an existing user.
A secure password (8-25 characters) should contain both letters and numbers and not contain an English word or easily guessable value. The password has to be reentered into the confirm password field a second time (since the password is not visible the first time it's typed). A good technique for creating a safe password is to think of a memorable, but not easily guessable phrase, then use the first letter of each word plus an additional digit or two inserted somewhere within the password, so that the final password is not something that would be contained in the dictionary.
New FTP Password
This Section allows you to setup access to the account via FTP. This is mostly used for catalog and screen branding configuration.
The Password here will need to be something different from the main password but again should contain both letters and numbers and not contain an English word or easily guessable value.
Related: FTP Server Access
UltraSecure One-Time Password Token
UltraCart supports two factor authentication on your UltraCart account to enhance the security of your account. Two factor authentication means you have something you know (your regular password) and something you have (the token on your phone that is generating the one time password). Previously UltraCart used physical tokens from CryptoCard (deprecated) and our own OTP application for Android (deprecated), but has now standardized on the open source project Google Authenticator that is available for all the major mobile phone platforms. There are two primary benefits to using an OTP token:
Enhanced security
Removes the requirement for IP activation
Removes the requirement for a password change every 90 days.
Related: UltraSecure OTP Tokens
Group Membership
Use group memberships to assign same permissions to multiple Users.
Permissions
Permissions allows you to set the level of access you want each user within your account to have. You should only grant each user the minimum permissions they need to perform their job tasks.
Simply place a check in the box to the left of the permissions you want to grant to this user.
Admin
These permissions should be restricted to only those users that are administrators on the account.
Field | Description |
|---|---|
Edit Service Plan | This gives a user access to the account's billing (SERVICE PLAN) area. This Permission also triggers Service Plan "Billing Activity" Notification emails |
Edit Users | No one but the Owner on the account and/or a very trusted employee should have access to this permission. With this setting you can add or delete users whenever you want. |
Link New Accounts | This permission allows the user to link New Accounts to a linked accounts configuration. |
Advanced
Field | Description |
|---|---|
Affiliate Management | Allows the user to navigate to the Affiliate Management location. |
Configuration
Field | Description |
|---|---|
Edit Customer Notification | Allows the user to access the email notification section, which controls the emails sent to customers. |
Edit Export Settings | Allows the user to use the Exporting Orders section. The user will also need the Edit Settings permission. |
Edit Fraud Rules | Allows user to access and edit the Fraud Prevention Rules |
Edit Gift Giving | Allows the user to make changes to the gift giving section of the checkout. |
Edit Look and Feel | Allows the user to make changes to the screen branding themes. Screen branding themes control the look and feel of your checkout pages. |
Edit Return Policy | Allows the user to make changes to the global Return Policy page. |
Edit Settings | Allows the user access to all of the configuration area. |
Edit Settings - Auto Order Processing | Allows the user to access the Auto Order Processing configuration page. Use this one to provide edit access to the auto order processing configuration page only. |
Edit Tax Rates | Allows the user access to Sales Tax. The user will also need the Edit Setting permission. |
Allows the user to access to configure the Facebook-UltraCart Integration. | |
Manage Marketing | Allows the user to access the marketing section, which includes Emails and 3rd party Emails. |
Conversations
Field | Description |
|---|---|
Phone System Administrator | Provides Administrator permissions to manage the Phone System configuration. |
Phone System Agent | Enables access to the Phone System |
Phone System Supervisor |
|
SMS/Web Chat Administrator | Enable for administrators of the SMS/Chat |
SMS/Web Chat User | Enable for users/operators of the SMS/Chat |
Data Warehouse
Field | Description |
|---|---|
Grant Permissions to Others | The owner user can delegate the assignment of the Level1-Level4 BigQuery data access by assigning this permission to a user. |
Level 1 - Standard Access (No PII) (Owner Managed) | |
Level 2 - Low sensitive data (Owner Managed) | |
Level 3 - Medium sensitive data (Owner Managed) | |
Level 4 - High sensitive data (Owner Managed) |
Development
Field | Description |
|---|---|
API Access ([IP Addresses]) | This is a special use setting typically configured on a user that is configured on the account specifically for use in API integration. Limiting this setting to users that are otherwise limited to very little access to the UltraCart backend improves security. IP Addresses (white-listing) The "IP Addresses" field can hold about 15 IP addresses. You can use The asterisk character to apply an IP range. The wildcard format is |
Items
Field | Description |
|---|---|
Destructive Import Options | Enable only for users performing advanced Item Imports. This enables the "destructive" import options that erase/overwrite catalog assignments, related item assignments, item attributes, or delete items. |
Edit Items | Allows the user to make changes to the items configured within the account. This also includes adding and removing items from the account. |
Edit Reviews | Allows the user to view and make changes to customer reviews. |
View Items | "Read only" permission to view the items and item editor but can't make changes to the items configuration. |
Operations
Field | Description |
|---|---|
Access Accounts Receivable | Allows the user to navigate to the Accounts Receivables location. |
Access Quotations | Allows the user to go into the Quotes review location. |
Access Reports | Allows the user to access the Reporting section and run all available reports (subject to other restrictions such as PII access). |
Access Reports without PII | Allows the user to navigate to the Reporting location, but restricts access to reports that contain PII (Personally Identifiable Information.) Reports containing Personally Identifiable Information (PII) will display the PII details as random text and numbers if the user has the “restrictive” user permission titled ‘Access reports without PII' enabled. |
Access Shipping Department | Allows the user to navigate to to the Shipping Department location. |
Accounts Receivable - Skip Payment Processing | Enabling this permission, allows the A/R (viewing a specific order) to display the 'Skip Payment Processing' button , as well as the 'Authorize Orders' button, in the Payment processing section. |
Back End Order Entry | Allows access to the Back End Order Entry (BEOE). Since the BEOE tool allows for overriding of item costs and shipping costs on-the-fly, you may choose to be selective about which users have access to the BEOE tool. |
Back End Order Entry (Customer Profiles) | Allows the user to access customer profiles search tool when using the BEOE tool. |
Back End Order Entry (Prevent Direct Credit Card Entry) | Select this to restrict direct credit card entry (for example to limit them only to the PII protected CC entry by the customer via phone call. |
Back End Order Entry (Shared Templates) | Select this to allow templates a user creates to be shared to other users. |
Delete Order | Deleting an order removes it from your system there is no way to get it back. |
Edit Catalog | Allow the user access to the Catalog configuration pages. |
Edit Order | Allows the user to Edit, Delete and make changes to customers orders. |
Edit Order Items After Payment Processed | Allows the user to edit order items in placed orders that have been processed for payment. |
Edit Order Price | Allows the user to modify the pricing on an order, including item prices, discounts, and totals. Use with caution as it impacts financial reporting. |
Free Replacement Shipment | Allows the user to create replacement shipments for orders at no charge. Typically used for damaged or lost shipments. |
Manage Auto Orders | Allows the user to have access to review or make changes to auto orders. The user will also need the permission to Review Orders. |
Manage Auto Orders (Cancel) | Allows the user to have access to review or make changes to auto orders, including cancelling. The user will also need the permission to Review Orders. This allows for more granular permissions for customer representatives. |
Manage Chargebacks | Allows the user to access the Chargeback Processing section. The user will also need the Edit setting permission. |
Manage Customer Profiles | Allow the user to have access to the Customer Profiles section. This will allow the user to edit, delete, and add customer profiles. |
Manage Gift Certificates | Allows the user to edit and create Gift certificates within the marketing section. |
Postpone Auto Orders | Allows the user to delay the next processing date of an auto order |
Refund Manual Tax Calculation | This allows the tax amount in the order to be manually edited. Normally the tax is calculated, and not directly editable. |
Refund Order | Allows the user to issue a refund on orders. |
Review Orders | Allows the user access into the Order Management section. |
View Amazon PII | Enable this for users that are reviewing orders and need to be able to see the Personally Identifiable Information. |
Operations - Bulk
The Operations – Bulk permissions allow users to perform bulk order actions directly from the View Orders search results page.
Field | Description |
|---|---|
Bulk - Auto Order Export | Allows the user to export selected Auto Orders in bulk from the View Orders search results. |
Bulk - Batch Operations | Allows the user to perform supported batch-level operations on multiple selected orders simultaneously. |
Bulk - Delete | Allows the user to delete multiple selected orders at once. Use with caution. |
Bulk - Download | Allows the user to download selected orders in bulk (format dependent on export configuration). |
Bulk - Export | Allows the user to export selected orders using available bulk export tools. |
Bulk - Export Customers | Allows the user to export customer records associated with the selected orders. |
Bulk - Export Orders | Allows the user to export full order data for the selected orders. |
Bulk - Import Customers | Allows the user to perform bulk customer import operations when applicable from the orders interface. |
Bulk - Print Invoices | Allows the user to print invoices for multiple selected orders simultaneously. |
Bulk - Print Orders | Allows the user to print order summaries for multiple selected orders. |
Bulk - Print Packing Slips | Allows the user to print packing slips for multiple selected orders simultaneously. |
Bulk - Refund | Allows the user to issue refunds on multiple selected orders in a single bulk operation. |
These permissions are designed for operational efficiency when managing high order volume environments. Users granted these permissions can select multiple orders and perform specific actions simultaneously.
Warning: Bulk actions can affect multiple orders at once. Only assign these permissions to users who fully understand the operational impact.
Storefronts
Field | Description |
|---|---|
Communications - Download Lists/Segments | Enable for marketing users that may require access to this customer data |
Communications - Readonly | Allow ‘Read only' access to the Communications area. |
Communications - Use | Allow editable access to the Communications area. |
Full Access | Allow editable access to the Communications area. Enable for users with role to create and edit Flows, Campaigns, etc. Important Note Regarding Email Notification triggered by this permission If no user on the account has the email notification "Marketing: Storefront Communications" enabled on the account, then all users with full permissions to the Storefront will received the notification, since this notification is related to additional service fees. In order to prevent the broadcast of this email notification to all users with the "full permission" permission, make sure to configure at least one user on the account with the email notification. |
Recordings | Allows user to access the shopping session recordings. |
Upsells - Readonly | Allow 'Read Only' access to the upsells area to review but not edit the flows. If unchecked, the user will have create/edit/delete permissions. |
Visual Builder Enable/Disable Protected Content | Allows user to enable/Disable protected content within the Storefront Visual Builder editor. Enable only for the admin users. |
Email Notification
Just like Permissions the Email Notification section allow you to set each user with their own set of email notifications. This allows you to have one user that only handles order that need to be shipped or another user that is looking at auto order (recurring orders).
Simply place a check in the box to the left of the notification you want to grant to this user.