Top

Wapto documentation

Manage Users

Welcome to WAPTO!

Get an AI summary of this page
ChatGPT Gemini Grok Perplexity

Administrative Access Governance

The **Manage Users** module is the central hub for administrative security within Wapto platform. It allows Super Admins to define exactly who can access the platform, assigning specific roles to staff members while maintaining a complete audit trail of joined dates and login activity.

Accessible via the sidebar under **MANAGE USERS → All Users**, this section is critical for maintaining platform integrity and operational security.

Role-Based Access
Assign specialized roles (Finance, Support, Ops) to limit platform exposure.
Security Control
Enable, disable, or modify admin accounts instantly to match team changes.
Audit Visibility
Track joining dates and platform status for every administrative account.


Navigation Flow
Log in to the Wapto Admin Panel.
Locate Manage Users in the left sidebar menu.
Click All Users to view the central management table.
User List Data Points
  • Identity: Name and primary email address.
  • Role: Current access tier (e.g., User, Admin).
  • Status: Live connection state (Active / Disabled).
  • Timeline: Fixed registration date for audit tracking.

Operational Management (Existing Users)

Edit Profile

Update administrative roles or contact details as team responsibilities evolve.

Disable Account

Instantly restrict access without deleting the user, preserving all historical audit logs.

5. Plan Assignment & User Maintenance

Administrators can directly influence a user's service level by assigning their subscription plans from the User List. This allows for rapid onboarding and manual tier adjustments.

Assign Plan: Open the "Assign Plan" modal for any user to select from available subscription tiers.
Edit User: Modify core profile data, including name, email, and administrative roles and active/inactive status.
Delete User: Permanently remove a user record (use with caution; see compliance note below).

6. User Impersonate (Frontened Access) & Reset Password Link

The Impersonate feature allows Administrators to securely switch to a user's frontend view. This is invaluable for troubleshooting, user support, or auditing account activity directly from the user's perspective.

View-Only Permission

During an impersonation session, the Admin has View-Only permissions. You can navigate the user's dashboard and sections but cannot make changes or trigger actions on their behalf.

  • Redirect to Frontend: Instantly switch to the user's dashboard view.
  • Audit Capability: Verify user-reported issues in real-time.
  • Security Boundary: Non-destructive access ensures user data remains unmodified.
Security Reset

Directly trigger a Reset Password Link using the key icon.

7. Security Best Practices
  • Principle of Least Privilege: Limit "Super Admin" roles to a vital few.
  • Immediate Deprovisioning: Disable accounts the moment a staff member departs.
  • Password Governance: Enforce high-complexity passwords and 2FA.
  • Regular Audits: Perform monthly reviews of active administrative access.
Operational Notes
Compliance Note

**Avoid deleting users.** The system is designed to disable accounts to maintain clean historical activity logs and audit trails, which are vital for meeting compliance standards.

Always verify specific role permissions before assigning access to ensure the security boundary remains intact.