View Source

A Sub-Admin is a special Admin account for which you can restrict the permissions on different levels (view, edit, delete permissions, or no access) for different sections of the Admin Panel (Users, Domains, Logs, etc.). Furthermore, you can restrict login access to only certain known IPs.

Some examples for using sub-admins are the following:

API integration - you shouldn't use your main Admin account to authenticate with the API.
WHMCS plugin - use a Sub-Admin to authenticate your WHMCS plugin
dividing the work and responsibilities within a team - each team member can have a Sub-Admin

Best Practices

API Integration

For API authentication you are required to use an Admin username and password. This is the setup we recommend:

secure your main Admin account by activating Two-factor authentication. You can continue to use these credentials for Admin Panel direct login and perform actions via the web interface of the Admin Panel.
create a Sub-Admin for API access only. You can enable only the permissions you will integrate with the API or allow unrestricted permissions.
secure your API Sub-Admin by restricting login access to certain IPs - these should be the IPs of your servers that connect through the API.
optional: create other Sub-Admin for your team members that will use the web interface.

WHMCS Plugin

To connect your WHMCS using our plugin, you are required to authenticate using an Admin username and password. This is the setup we recommend:

secure your main Admin account by activating Two-factor authentication. You can continue to use these credentials for Admin Panel direct login and perform actions via the web interface of the Admin Panel.
create a Sub-Admin for WHMCS access only. You can allow unrestricted permissions.
secure your WHMCS Sub-Admin by restricting login access to certain IPs - the IP of your WHMCS server.
optional: create other Sub-Admin for your team members that will use the web interface.

Team Work

We don't recommend you share the same Admin account with other people, but instead, create a Sub-Admin for each member. This way, you can enable two-factor authentication for each and properly secure your account.

Furthermore, you can set certain levels of access for each of the Sub-Admin and restrict the responsibilities of each member of your team.

Manage Sub-Admins

Add a Sub-Admin

Go to the Admin Panel.
Log in using your main Admin username and password.
Click on Sub-Admins in the menu.
Click on the New button

Emailarray Support Wiki > Manage Sub-Admins > Admin Panel - new Sub-admin.jpg

Fill in the details of your new Sub-Admin:
- Sub-Admin username
- Sub-Admin password
- Sub-Admin e-mail address - will be used for password recovery
- Sub-Admin full name
Select the level of permissions for each section. Each level of permission is numbered and the higher levels include the ones below it ( level 2 includes level 1, level 3 includes level 1 and 2, etc.):
- Account History: see the actions performed by Admin and Sub-Admins on the Home page
- Users: view/manage/remove/impersonate Users (mailboxes). The highest level is 5 - Impersonate and allows you to "sign in as" the User into Webmail and User Panel.
- Domains: view/manage/remove Domains.
- Aliases: view/manage/remove Aliases.
- Lists: view/manage/remove distribution Lists.
- Smart Lists: view/manage/remove Smart Lists.
- Branding: view/update branding settings for the main Admin account.
- Filtering: view/modify/remove whitelist and blacklist entries for Spam Filtering.
- Logs: view Incoming and Outgoing Logs, Last logins.
Click on the Add Subadmin button to save.

Example:

Remove a Sub-Admin

Go to the Admin Panel.
Log in using your main Admin username and password.
Click on Sub-Admins in the menu.
Click on the Delete icon next to the Sub-Admin you want to remove.

Emailarray Support Wiki > Manage Sub-Admins > Admin Panel - remove sub-admin.jpg

Update a Sub-Admin

You can update all the details and permissions of a Sub-Admin.

Go to the Admin Panel.
Log in using your main Admin username and password.
Click on Sub-Admins in the menu.
Click on the Edit (pencil) button next to the Sub-Admin you want to update.
Update the details. If you want to update permissions but don't want to change the password, leave the Password field blank.
Click on the Update button to save the changes.

Emailarray Support Wiki > Manage Sub-Admins > Admin Panel - edit sub-admin permissions.jpg

Restrict Sub-Admin login access

Log in as the Sub-Admin and follow the instructions for restricting login access.

Two-factor authentication for Sub-admins

Log in as the Sub-Admin and follow the instructions for enabling two-factor authentication. Please note you cannot enable two-factor authentication for a Sub-Admin that you use for API or WHMCS authentication - use restricted login access instead.