Multiple logins per client?

[matthucke]

I'm trying to set up clients who have multiple contacts, and have each of them able to see the account, but without success.

 

Let's say my client is BobsPizza.com. Bob has employees Jim and Mary. Jim is Bob's web guy, Mary is Bob's accountant.

 

I created a client record in Bob's name, and added services; Bob can see his services, open tickets, etc.; all well and good.

 

I added additional "contacts" within this client, Jim and Mary - but this screen doesn't offer anywhere to set a password for them. When I tried logging in as Jim (using the email address in his contact record), it fails with "Login Details Incorrect. Please try again." Trying the password reset feature gives "The email address you entered could not be found."

 

Thus it would seem that the "Contact" defined on a client record is not a real account; it's basically just a way of adding someone to the email notification list.

 

Next I tried creating another client record entirely for Jim, with the same email address used as on the contact record - now I can log in as Jim, but it's an independent account that can't see Bob's stuff. He can't see Bob's domains or hosting packages, see the past trouble ticket history on them, add services, or anything. And in my customer database, there's nothing to link these accounts together other than my own memory - if Bob takes his business elsewhere, how will I know to disable Jim and Mary's accounts also?

 

I'd really like Jim and Mary to have access to their employer's domains, billing, etc., to be able to manage it (Bob's a busy man, he doesn't want to have to do this stuff himself).

 

Is there any way to do this, other than telling them to just share a password?

[redrat]

Good catch and I'd like to have this ability, too, especially for B2B.

[chickendippers]

Nope, contacts are just that; recipients of email messages from you.

[R-n-R]

Why couldn't the Client Side be set up just like the Admin side, the owner of the account has full access and he can add additional contacts, he assigns and gives them login details and permissions.

 

If he only wanted the Web guy to do is access the Support Ticket System, and maybe the knowledge base (assuming it was not viewable by the public) then he could give only these permissions. The person that handles book keeping would have access to invoices and being able to make payments.

 

I could see this being very useful.

[JLHC]

Yes this feature will be useful but from what I see they are not available as of yet. Maybe we will have to wait for the next versions or you can have Matt personally code this for you by requesting a quote from him.

[jozeph]

I've requested this as feature before. Maybe some one can describe the AWBS feature where the customer can add contact with some permissions in the client area, for example, see invoices, change informations, etc.

[redrat]

There is, however, the ever present possibility of abuse of such a facility and implementing it could actually open up a whole can of worms! If implemented, and I can see genuine uses for it, it needs to be done in such a way that security considerations are taken fully into account.

 

I would never offer this facility to clients per se anyway simply because of that reason. One can easily see legitimate business accounts possibly requiring such a capability and, for those instances, this idea would certainly be darned useful. But it is by no means as cut and dried as it first appears especially in relation to general usage.

 

The ability to be able to charge a fee for granting these extra privileges may help to mitigate some of the risks because that would make people think twice before asking for them.

[jnet]

A few days ago I came across this problem when a staff from the same company whose email is registered could not login and I asked to login with mail email and password

 

I go for this too

[scurrell]

I would never offer this facility to clients per se anyway simply because of that reason. One can easily see legitimate business accounts possibly requiring such a capability and, for those instances, this idea would certainly be darned useful. But it is by no means as cut and dried as it first appears especially in relation to general usage.

 

Perhaps it should be a facility that can only be actioned by admins, rather than the clients themselves.

[mojowill]

and i need this feature also i have multiple clients with 1 guy dealing with web stuff another with payments

[matthucke]

There is, however, the ever present possibility of abuse of such a facility and implementing it could actually open up a whole can of worms! If implemented, and I can see genuine uses for it, it needs to be done in such a way that security considerations are taken fully into account.

 

That'd be ideal, but complicated - perhaps something to strive for in later releases.

 

For now, I'd be content with just the ability to have multiple logins that, once logged in, had access to exactly the same data - just so support requests submitted by Jim and support requests from Mary come in with proper reply-to addresses, and there's a clear record of who did what.

 

My users are generally small companies, and some of them are a bit sloppy about password sharing - a habit I'd really prefer not to encourage. If the boss wants to use the same password for his email account and his WHMCS login, I'll have to accept that - non-technical people hate having to remember multiple passwords - but he shouldn't have to give that same password to his webguy and accountant (as these could then read his email). With independent logins, I can give Bob just one password to remember (for WHMCS, control panel, FTP, email, etc.), and he won't have to share it with the person who handles paying my invoices.

 

"All subaccounts are created equal" isn't ideal, but it could be a step in the right direction!

[redrat]

Sure Matt. I agree with the small caveat that it would be switchable because many hosts would find the potential fraud loopholes opened up to be extremely worrying.

[faisal]

yes this is needed for a lot of host companies

 

Good Idea

[michelle]

We also would love to see this. We host a lot of nonprofits and they usually have different people assigned to different tasks (Treasurer gets the billing, President serves as the admin and the Webmaster views the KB, submits tickets). Our customers are often confused about why they need to use the President's email address as the login to access the customer area. It feels weird for them because it's not their address.

 

When the Webmaster submits tickets, the President's name, instead of his, appears in the ticket system. Which is also not so great.

 

We would really like to see multiple logins made available and the main Admin contact assign what each can view. For instance, allow the Webmaster to submit tickets but not have the ability to submit new orders.

[Blueberry3.14]

It's been requested in "feature requests" a few times.

[swg]

We also would love to see this. We host a lot of nonprofits and they usually have different people assigned to different tasks (Treasurer gets the billing, President serves as the admin and the Webmaster views the KB, submits tickets). Our customers are often confused about why they need to use the President's email address as the login to access the customer area. It feels weird for them because it's not their address.

 

When the Webmaster submits tickets, the President's name, instead of his, appears in the ticket system. Which is also not so great.

 

We would really like to see multiple logins made available and the main Admin contact assign what each can view. For instance, allow the Webmaster to submit tickets but not have the ability to submit new orders.

 

Agree that this is definitely needed!!!

[ChrisGooding]

Does anyone know if this will be implemented, or whether anyone is working on a module to make it happen.

[Impact-John]

i even tested creating a user than merging with another client thinking it would keep there login details but than go to the other accounts area but no good

[gurumani]

2 days and my module/add-on will be released. Thanks!

[Impact-John]

what exactly is your add on module going to do and do you need testers

[gurumani]

I am working hard on this mod the only thing holding me back now is how WHMCS encrypts the clients passwords. I am having issues getting the MD5 hash.

[stirton]

Matt, we'd love to hear your thoughts on this one please?

[eseelke]

I would love to see this added to the WHMCS core features, as well.

 

It should also give the owner of the account the ability to view tickets that employees opened and how support handled them.

[sol2010]

Well I know I am dragging up an old thread, but I need this functionality and this is where Google brought me

 

Has there been any movement on this feature request?

 

I just want to have two users (with separate logins) access the same account.