Contact usBook a demoSupport

Accessing the Backoffice

How to access the Backoffice

Path: Back office

Never share your login information. Users can each have individual credentials.

WHO CAN USE THIS FEATURE?

Operators who possess an active account and appropriate credentials are granted access to all or specific back-office functionalities. Vendors and customers are not authorized to access the back office.

URL to access the Backoffice PRODUCTION ENV.

Upon the creation of your Operator account, an official notification email will be dispatched to you. This email will include essential details such as the Back-office URL, providing you with access to the platform.

For enhanced security measures, SCND employs a dynamically generated URL for accessing the back office (e.g., yourdomain.com/randomlygeneratedstring). This URL is established during the initial setup of the platform by configuring the "second_admin_alias" parameter. Subsequently, administrators can modify this string via the "Parameters" interface within the Backoffice: Parameters

Changing the URL access string affects all users. You will have to share the new URL with them, without which they will no longer be able to access the back office.

Initial user & subsequent users PRODUCTION ENV.

Initial user (super-administrator)

Upon the initiation of the platform, the inaugural user is endowed with the utmost level of permissions, assuming the role of super-administrator by default. This designation is established during the initial setup process. Detailed instructions for configuring the initial user account can be found in the technical documentation.

Inviting other users (operators)

After the initial setup, access to the back office is granted solely to the Super-administrator. Acting as the primary account holder, the Super-administrator assumes the responsibility of configuring user roles and extending invitations to additional operators for collaboration within the back office environment.

Backoffice login page

Spoofing alert: always confirm that the URL you’re viewing corresponds to the URL of your Backoffice login page before entering your credentials.

When accessing the Back office, a login form is displayed:

As a user, you'll find an account creation notification in your email inbox, corresponding to the email address associated with your Back office account. This notification serves as a confirmation of your recent account setup.

When you first log in, you will be prompted to create your own password. This password will be set by you and will be used for future logins.

Recovering a lost password

To recover your password, click on the “Forgot your password ?” (figure 2) link beneath the login form:

Enter your email address to receive an email containing a link to reset your password:

Do not forget to check your spam if you do not see the email in your main inbox.

The number of password requests is limited. The rate limit can be viewed and changed through the “Configurations” interface.

Password policy: for security purposes a strong password policy is enforced. Password requirements:

  • Minimum password length: 10 characters

  • Contain at least:

    • 1 uppercase character (A-Z)

    • 1 lower case character (A-Z)

    • 1 digit (0-9)

    • 1 special character

  • New password must be different from the previous one

  • User should not user the first part of his email address

Password strength policy can be adjusted through the “Configurations” interface.

Two-factor authentication

Two-factor authentication (2FA) is a specific type of multi-factor authentication (MFA) that strengthens access security by requiring two methods (also referred to as authentication factors) to verify your identity.

We highly recommend that all Backoffice users activate 2FA authentication

Activating 2FA for your account

You will need to install an Authenticator App on your smartphone to follow this procedure (ex. Google Authenticator).

To set up the 2FA for your account, log in into the back office and click on the avatar menu. You will see in the menu the “Two-factor authentication” (figure 4 ).

Scan the QR-code with your Authenticator App (not just a QR code scanner), this will generate a 6-digits code which will be displayed on your device. Enter the code in the “6-digit code” field and click “Add” (figure 5) to enable the two-factor authentication for your account:

Logging in with 2FA

Once the 2FA is configured you will have 2 steps to login into the back office.

  1. Enter your credentials

  2. Fill in the 2FA 6-digit code generated to be able to login into the back office (figure 6).

Disabling 2FA authentication

You can remove the 2FA authentication on the back office by clicking on the “remove” button (figure 11), in the Two-factor authentication menu.

Remove Backoffice access

Please view the Administrator Management page to see how to delete an account.

Related resources

SBO:

PreviousSuperAdminNextNavigating the Backoffice

Last updated

Was this helpful?