Managing Users & Admins
Technote on how to efficiently manage users and administrators in Apogee StoreFront and Asanti StoreFront
The people who visit a public StoreFront web-to-print shop or have access to a password protected private store are referred to as users. Managing users is covered in this section of the StoreFront Online Help. This page provides additional tips and tricks for managing users and administrators.
The easiest way to add users to a store is by asking them to register themselves. Self-registration works by giving anyone with an e-mail address that ends with a specific domain name or set of domain names an account for a store. For example: in a shop set up for company.com you can enable self-registration and allow anyone with a @company.com, @company.co.uk or @company-supplies.au e-mail address to create an account in this store.
When users request an account, the confirmation mail inviting them to pick a password is sent to their company e-mail address. This way only genuine employees get access to the store. Self-registration is activated in the Stores > Pages > Login window in StoreCenter.
Providing access to a mixed group of users
Some stores target a mixed audience of internal and external users, such as company employees as well as dealers or employees of a non-profit organization as well as their volunteers. In such cases you can only use self-registration for part of the user base. Below is an example of a login page that caters to both Agfa customers, who use a wide variety of e-mail addresses, and Agfa employees, whose e-mail address always ends with @agfa.com.
The text for customers explicitly specifies an e-mail address where they can request an account. This is handy for users who use a web-based mail client. People who have a dedicated mail application can click the ‘Request Account’ button which will create a new e-mail where they can fill in their credentials to request an account.
For the store in our example, self-registration has been enabled in StoreCenter in the Stores > Pages > Login window. The accepted e-mail domain address is set to agfa.com.
To add the button so non-Agfa people to request an account, the following HTML code was used to customize the login screen. This code was copied to the content window using the Tools > Source code menu option.
<p>Store access is limited to existing Agfa Graphics customers. Send an e-mail to firstname.lastname@example.org or click the button below to request an account.</p>
<input type=”button” class=”submit” value=”Request Account” />
<p>If you are an Agfa employee, you can request an account using the button below.</p>
Getting users onboard
Convincing users to start using your web-to-print service can be a challenge. In this article Jennifer Matt from WhatTheyThink discusses people’s resistance to change, how this can harm your web-to-print projects and what the best approach is to deal with the problem.
Maintaining a password policy for administrators
Having a strict password policy is important, as one of our StoreFront customers discovered in early 2014. This company used a shared e-mail address to give their entire team access to StoreCenter. The password of this account was not changed after one of the team members got fired. Two months after leaving the company the disgruntled ex-employee used this account to delete most of the products and store settings! The StoreFront team managed to restore most of the data but obviously this was a frustrating experience for both the customer and the support team. To prevent such mishaps from happening:
- Do not use a single StoreCenter administrator account for multiple people. Give each person their own account. This makes it easier to trace who accesses the server.
- Deactivate accounts or change passwords when people leave the company or change jobs and no longer need access to StoreCenter.
- Share the above guidelines with your customers who have company administrator access to StoreFront. Remember that these administrators can reject orders, remove products from their own store or deface its home page.