Store Settings
User Groups
9.10 expands User Groups in Miva to make them more accessible and easier to use across all admin users. It is highly recommended that you follow the principle of least privilege when setting up your Miva users. This concept means you give each user the minimum permissions required to successfully do their job. For example, if you have an employee who job it is to process orders you only want to give them access to the order processing screens in Miva. Giving them access to do things beyond what their job requires opens additional security concerns.
Overview
Here is an overview of the changes to User Groups in Miva 9.10
- Redesigned Add User Screen
- Default User Groups
- Administrator (super users) require 2 factor authentication and it is a 2 step process to create them
Adding New Users
Default User Groups
There are now 6 default User Groups with the correct permissions already pre-set. You can customize the permissions or create new User Groups, however the 6 default groups make is very simple to give each user the correct permissions at the time the user is created.
The 6 Default User Groups include:
- Accounting & Reporting - View existing orders, manage affiliate transactions and run reports
- Customer Service & Sales - Create and modify orders, manage customer accounts (including stored payment cards)
- Marketing - Create and modify discounts, coupons and gift certificates
- Order Processing & Fulfillment - View and modify existing orders
- Product Management - Manage products and categories
- User Interface - Manage the visual design of the interface presented to shoppers, including ReadyThemes
Administrator Users
Administrator users in Miva have the highest level privileges available. They can access all areas of the Miva admin and should only be given to the appropriate personnel on your team. Starting from 9.10 and moving forward all new administrator users created must have 2 factor enabled.
Creating new administrator users is now a 3 step process
- Create a new user
- Enable 2 Factor Authentication
- Edit user and make them an Administrator
Users without 2 Factor enabled will have the administrator setting disabled
API Users
If you are using a Miva Administrator User to push and pull data via any sort of integration including, Dynamic Order Export, Stone Edge, Shipstation, Shipworks, etc you will need to disable forced 2 factor for those users (assuming an administrator user is required for your integration). Please contact support@miva.com and we will provide instructions on how to configure those users so that 2 factor authentication is not required.
Phased Roll Out
Forced 2 Factor Authentication for Administrator Users is being rolled out in a couple phases. Miva 9.10 will introduce the new functionality to all stores however, it will only be enforced for new Administrator users created after 9.10 is installed. Forced 2 Factor will not automatically be activated for all existing administrator users until a future update. This phased roll out gives Miva Store owners the ability to go through their current administrator users and reduce their permissions to a lower level or configure 2 factor for each Administrator user.
Once the forced 2 factor for all administrator users is enabled and an administrator user attempts to login without 2 factor enabled they will be presented with this screen which will allow them to drop their permissions or enable 2 factor.
