Planning User Permission Requirements
A user can have access to three XiPay environments: Dev, QA, and Production. Within those environments, user permissions must be determined by assigning roles. The Administrators role allows the user to display raw card numbers. Auth, Credit, Settle, and Reporting all segment the operations or functions that a user can perform within the XiPay WebGUI.
The following diagram illustrates each environment and each role the user can be assigned within each of the environments.
Permission roles
The roles are assigned within each environment and are applicable to all XiPay WebGUI Server IDs (a.k.a. XIIDs) within the given environment. If you want to manage user permissions at the XIID level, you can request Subdivisions.
Permission role | Description |
---|---|
Administrators | The Administrators role is a Server ID-wide permission and cannot be configured based on transaction types, ranges or user roles. Once assigned, the User is able to view raw card numbers on ANY transaction within the Server ID. You can view which Users have displayed Raw Card Numbers in the Audit Log in XiPay WebGUI. By assigning this role to a User, the Customer understands and accepts the risk associated with permitting its employees and vendors to view raw card numbers. We are not liable for any potential fraud committed by customer’s employees or agents who have been granted this permission. The Customer understands that we cannot assist in any investigation should a compromise occur. |
Auth | Ability to perform standard authorizations, verbal authorizations, and to cancel authorizations. |
Credit | Ability to perform credits. |
EditAuth | Ability to edit a transaction in authorized status. |
Settle | Ability to perform settlements, reset and close batches. |
Reporting | Ability to execute and download reports. |
Subdivisions
XiPay permissions by default apply to all XiPay Server IDs (a.k.a. XIIDs) within a given environment. So if I give User A Settlement permission in Production and I have 8 Server IDs, he/she will have access to all of those Server IDs. If I want to control user permissions at the Server ID level, I will need to request subdivisions.
Subdivisions are a logical grouping of XiPay Server ID(s) to which I can give users access. They allow you to control permissions at the Server ID (a.k.a. XIID) level.
For example, our Merchant, Space City Aluminum, has 8 retail locations each with its own Merchant ID and therefore unique XiPay Server ID. Accounting is done by region so we want to group the Server IDs so we can easily give the Users access to all Server IDs within their designated region and exclude them from Server IDs for other regions. In our example, we have three Accounting regions: East, West and International so we would request 3 Subdivisions and assign the appropriate Server IDs. See the example hierarchy below.
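The Space City Aluminum scenario can be worked through as an access review before the Subdivisions are requested. The following is an added planning example, not XiPay code or a XiPay API: the XIID names, the users, and the split of the eight Server IDs across East, West and International are constructed, and the model assumes a user without a Subdivision reaches every Production Server ID, as described above.

```python
# Planning model only: not XiPay's API. XIID names, users and the
# region split are constructed for illustration.
ROLES = {"Administrators", "Auth", "Credit", "EditAuth", "Settle", "Reporting"}

# Eight Production Server IDs, one per retail location (hypothetical names).
PROD_XIIDS = {f"XIID-{n:02d}" for n in range(1, 9)}

# Three Subdivisions, one per accounting region (constructed assignment).
SUBDIVISIONS = {
    "East": {"XIID-01", "XIID-02", "XIID-03"},
    "West": {"XIID-04", "XIID-05", "XIID-06"},
    "International": {"XIID-07", "XIID-08"},
}

# Planned Production grants: user -> roles and Subdivisions (constructed).
PLAN = {
    "alice": {"roles": {"Settle", "Reporting"}, "subdivisions": {"East"}},
    "bob": {"roles": {"Settle"}, "subdivisions": set()},
    "carol": {"roles": {"Administrators", "Reporting"}, "subdivisions": {"West"}},
}


def reachable_xiids(entry):
    """Server IDs the user's roles apply to under this planning model."""
    if not entry["roles"]:
        return set()
    if not entry["subdivisions"]:
        return set(PROD_XIIDS)  # no Subdivision: roles span every Server ID
    return set().union(*(SUBDIVISIONS[s] for s in entry["subdivisions"]))


def review(plan):
    """Return (user, finding) pairs to resolve before requesting the setup."""
    findings = []
    for user, entry in sorted(plan.items()):
        unknown = entry["roles"] - ROLES
        if unknown:
            findings.append((user, f"unknown roles: {sorted(unknown)}"))
        if "Administrators" in entry["roles"]:
            findings.append((user, "Administrators: can display raw card numbers"))
        if entry["roles"] and not entry["subdivisions"]:
            n = len(reachable_xiids(entry))
            findings.append((user, f"no Subdivision: roles apply to all {n} Server IDs"))
    return findings


if __name__ == "__main__":
    for user, finding in review(PLAN):
        print(f"{user}: {finding}")
```
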